Informativa sulla protezione dei dati personali di Parfümerie Akzente GmbH

Data Protection Statement of Parfümerie Akzente GmbH

1. General Notes and Mandatory Information

The following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data is any data by which you can be personally identified. For detailed information on the subject of data protection, please refer to our data protection statement listed below this text.

2. Data collection on our website

2.1 Who is responsible for the data collection on this website?

The party responsible for the processing is Parfümerie Akzente GmbH, Meisenstrasse 12, D-74629 Pfedelbach, Germany (hereinafter referred to as the Responsible Party) and processes the data provided by the data subject (hereinafter referred to as the Customer) in accordance with the provisions of the European Data Protection Regulation (hereinafter referred to as the GDPR). The contact details of the Responsible Party are: Address: Parfümerie Akzente GmbH, Meisenstrasse 12, D-74629 Pfedelbach, Germany
Tel.: 800 - 690 911
Fax: +49 7941 955 00 79
E-Mail: service@parfumdreams.it

2.2 How do we collect your data?

The processing of the Customer's personal data is necessary for the performance of a contract to which the Customer is a party or for the implementation of pre-contractual measures which take place at the Customer's request. This applies in particular to the use of the online shop as well as subscribing to the newsletter or the WhatsApp service. The legal basis for this processing is Art. 6 para. 1b GDPR. In the event that the Customer uses the contact form, the personal data will be used exclusively for processing the Customer's enquiry. The legal basis for this processing is the Customer's consent pursuant to Art. 6 para. 1a GDPR. In the other cases in which personal data is processed, the processing is carried out in order to safeguard the legitimate interests of the Responsible Party, namely to analyse the use of the website by Google Analytics, Webtrekk, Kameleoon, Overheat; to determine a Net Promoter Score (Zenloop) and to integrate third parties (Zanox - Awin, Criteo, Facebook, Shopzilla, Bing Ads, Doubleclick, Kelkoo, Shopping24, Google Adwords, Google Conversion Code, NetScaleNow, Sovendus) . The legal basis for this processing is Art. 6 para. 1f GDPR. The Responsible Party points out the Customer's right to object. The Customer can obtain more detailed information in points 2.7, 2.9, 2.10 & 6 of this Statement.

2.3 What do we use your data for?

Part of the data is collected to ensure error-free provision of the website. Other data may be used to analyse your user behaviour.

2.4 Fulfilment of the contract or implementation of pre-contractual measures:

For the performance of the contract or the implementation of pre-contractual measures, the personal data of the Customer which is transferred to the Responsible Party is made accessible to the following recipients / categories of recipients: - Shipping service providers: Deutsche Post AG, Charles-de-Gaulle-Strasse 20, D-53113 Bonn, Germany, or to DHL Paket GmbH, Strässchensweg 10, D-53113 Bonn, Germany, or Hermes Germany GmbH, Essener Strasse 89, D-22419 Hamburg, Germany, or Österreichische Post AG, Rochusplatz 1, A-1030 Vienna, Austria.

  • Web hosting company
  • Telephone and fax providers
  • Our tax consultant
  • Banks: Kreissparkasse Heilbronn, Am Wollhaus 14, D-74072 Heilbronn, Germany
  • If using the WhatsApp service: Whappodo.COM! GmbH, Walter-Kolb-Strasse 5-7, D-60594 Frankfurt, Germany
  • If using the newsletter: Emarsys Interactive Services GmbH, Stralauer Platz 34, D-10243 Berlin, Germany
  • Payment providers such as PayPal, Amazon Pay etc.

Personal data will not be made available to third parties without the written consent of the Customer, unless this is required by law. The provision of the following data is mandatory for the conclusion of a contract (mandatory data):

  • first name and surname
  • address (street, postcode, town/city)
  • telephone number
  • e-mail address

In order to use the WhatsApp service, it is mandatory to provide the following data: telephone number For payment by invoice: date of birth The following data is mandatory for the use of the newsletter: e-mail address All other details are not required for the conclusion of the contract and are therefore voluntary. If the mandatory information required for the conclusion of the contract is not provided, no conclusion of the contract shall take place. Failure to provide the voluntary information will not affect the conclusion of the contract.

2.5 Use of the contact form:

The personal data that you provide to us via the contact form (e.g. your name and address or your e-mail address) will only be processed for correspondence with you and only for the purpose for which you provided us with the data.

2.6 Analysis tools and third-party tools

When visiting our website, your surfing behaviour can be statistically evaluated. This is mainly done with cookies and with so-called analytical programs. The analysis of your surfing behaviour is usually anonymous; the surfing behaviour cannot be traced back to you. You may object to this analysis or prevent it by not using certain tools. You will find detailed information on this in the following Data Protection Statement. You may object to this analysis. We will inform you about the objection options in this Data Protection Statement.

2.7 Cookies

On various pages, the Responsible Party uses cookies to make visiting its websites attractive and to enable the use of certain functions. Cookies are small text files that are stored on the visitor's computer. Most of the cookies used by the Responsible Party are deleted from the visitor's hard drive at the end of the browser session (so-called session cookies). Other cookies remain on the visitor's computer and enable the Responsible Party to recognise the visitor's computer on the next visit (so-called permanent cookies). Of course, the Customer may reject the cookies at any time, provided that the browser used allows this.

2.8 What is onsite targeting?

On the parfumdreams.it website, data is collected on the basis of cookie technology to optimise our advertising and the entire online range. This data is not used to identify you personally, but is used solely for an anonymous evaluation of the use of the homepage. At no time will your data be merged with personal data stored by us. This technology allows us to present you with advertisements and/or special offers and services whose content is based on information obtained in connection with clickstream analysis (for example, advertisements targeted to the fact that only sports shoes have been viewed in the last few days). Our aim here is to make our online range as attractive as possible for you and to present you with advertising that corresponds to your areas of interest.

2.9 Are there also cookies from third-party providers (so-called third-party cookies)?

parfumdreams.it makes use of a number of advertising partners who help to make the Internet range and the parfumdreams.it website more interesting for you. Therefore, cookies from partner companies are also stored on your hard drive when you visit the parfumdreams.it website. These are temporary cookies that automatically delete themselves after the specified time. Cookies from partner companies are usually deleted after a few days or up to 24 months, in individual cases even after several years. The cookies of our partner companies do not contain any personal data either. Data is only collected pseudonymously with a user ID. This pseudonymous data is never merged with your personal data. Among other things, our advertising partners use so-called Flash cookies. This type of cookie does not collect any personal data from you either; the data collection and use is completely anonymous. These Flash cookies are automatically deleted by your browser after a few minutes, hours or days.

2.10 Retargeting

Our website uses so-called retargeting technologies for this purpose. We use these technologies to make the website more interesting for you. This technology makes it possible to address internet users who have already shown interest in our shop and our products with advertising on our partners' websites. We are convinced that the display of personalised, interest-based advertising is usually more interesting for the Internet user than advertising that has no such personal reference. The display of these advertisements on the websites of our partners is based on cookie technology and an analysis of previous user behaviour. This form of advertising is completely anonymous. No personal data is stored and no usage profiles are merged with your personal data. Deactivate retargeting here. To opt out of this Interest-based advertising, please visit the following websites: http://www.networkadvertising.org/choices/
http://www.youronlinechoices.com/

I consent to the use of so-called cookies and thus to the collection, storage and use of my usage data. Furthermore, I consent to my data being stored in cookies beyond the end of the browser session and, for example, being retrieved the next time I visit the website. I may revoke this consent at any time with effect for the future by refusing to accept cookies in my browser settings. We may share information such as technical identifiers from your login information on our [website/app] or our CRM system with trusted advertising partners. This can link your devices and/or environments and offer you a seamless user experience with the devices and environments you use. For more details on these linking capabilities, please refer to the Data Protection Statement found in the aforementioned platforms or the explanations below.

On our pages, through the technology of RTB House (RTB House SA, ul. Złota 61/101, PL-00-819 Warsaw, Poland), information about the surfing behaviour of website visitors is collected for marketing purposes in a pseudonymous form, and cookies and web beacons are set for this purpose. RTB House can thus analyse surfing behaviour and then display targeted product recommendations as a suitable advertising banner when other websites are visited. In no case can the pseudonymised data be used to personally identify the visitor to the website. The data collected by RTB House is only used to improve the promotional offers. Each overlaid banner has a small “=” (for information) in the bottom left, which opens when the mouse hovers over it and leads to a page on which the system is explained and an opt-out is offered. When you click on opt-out, an “opt-out” cookie is set which prevents the display of these banners in the future. No other use or disclosure to third parties will take place. You can find out more about RTB House's Data Protection Statement and data protection guidelines in general at https://www.rtbhouse.com/privacy-center/services-privacy-policy/

2.11 Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transfers to us. These are:

  • browser type and version
  • operating system used
  • referrer URL
  • host name of the accessing computer
  • time of the server request
  • IP address

This data is not merged with other data sources. The basis for data processing is Art. 6 para. 1f GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. The deletion of the log files takes place within 14 days.

2.12 Contact form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you have provided there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up enquiries. We do not pass on this data without your consent. The processing of the data entered in the contact form is therefore based exclusively on your consent (Art. 6 para. 1a GDPR). You may revoke this consent at any time. All you need to do is send us an informal message by e-mail. The lawfulness of the data processing operations carried out until the revocation remains unaffected by the revocation. The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your enquiry). Mandatory legal provisions - in particular retention periods - remain unaffected.

2.13 Registration on this website

You can register on our website to use additional features on the site. We use the data entered for this purpose only for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise we will refuse the registration. For important changes, for example to the scope of the range on offer or in the case of technically necessary changes, we use the e-mail address provided during registration to inform you in this way. The processing of the data entered during registration is based on your consent (Art. 6 para. 1a GDPR). You may revoke any consent you have given at any time. All you need to do is send us an informal message by e-mail. The legality of the data processing already carried out remains unaffected by the revocation. The data collected during registration will be stored by us for as long as you are registered on our website and will then be deleted. Statutory retention periods remain unaffected.

2.14 Comments function on this website

For the comments function on this site, in addition to your comment, details of when the comment was created and, if you do not post anonymously, the username you have chosen, will be stored.

2.15 Storage period for the comments

The comments and the associated data (e.g. time of creation, user name) are stored and remain on our website until the commented content has been completely deleted or the comments have to be deleted for legal reasons (e.g. offensive comments).

2.16 Legal basis

The storage of the comments is based on your consent (Art. 6 para. 1a GDPR). You may revoke any consent you have given at any time. All you need to do is send us an informal message by e-mail. The legality of the data processing operations already carried out remains unaffected by the revocation.

2.17 Processing data (Customer and contractual data)

We collect, process and use personal data only insofar as it is necessary for the establishment, content or amendment of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. We collect, process and use personal data about the use of our Internet pages (usage data) only insofar as this is necessary to enable the user to use the service or to charge for it. The collected Customer data will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.

2.18 Credit rating and scoring

In the event that we make advance payments, e.g. in the case of a purchase on account, we may obtain creditworthiness information from the company CRIF Bürgel GmbH, Radlkoferstrasse 2, D-81373 Munich, Germany, on the basis of mathematical and statistical methods, in order to protect our legitimate interests. We transfer personal data collected within the scope of this contractual relationship concerning the application, the performance and the termination of this business relationship as well as data concerning non-contractual behaviour or fraudulent behaviour to CRIF Bürgel GmbH, Radlkoferstrasse 2, D-81373 Munich, Germany. The legal basis for these transfers is Article 6 paras. 1b and 1f of the General Data Protection Regulation (GDPR). Transfers based on Article 6 para. 1f GDPR may only be made insofar as this is necessary to safeguard the legitimate interests of our company or third parties and does not override the interests or fundamental rights and freedoms of the data subject which require the protection of personal data. The data exchange with CRIFBÜRGEL also serves to fulfil statutory obligations to carry out creditworthiness checks on Customers (§§ 505a and 506 of the German Civil Code). CRIFBÜRGEL processes the data received and also uses it for the purpose of profiling (scoring) in order to provide its contractual partners in the European Economic Area and in Switzerland as well as, if applicable, other third countries (insofar as an adequacy decision of the European Commission exists in respect of these) with information, inter alia, for assessing the creditworthiness of natural persons. More detailed information on the activities of CRIFBÜRGEL can be found in the CRIFBÜRGEL information sheet or online at www.crifbuergel.de/de/datenschutz

2.19 Use of GPS data

If you use parfumdreams.it mobile or via the app, you also have the option of having a corresponding location near you displayed or being informed about location-based promotions. This is achieved by using your GPS data. The GPS data retrieved is used exclusively for the corresponding services. You can deactivate this access to the GPS data at any time in the settings of your device. However, automatic location and search for actions in your vicinity is then no longer possible.

2.20 Data transfer upon conclusion of a contract for online shops, traders and dispatch of goods

We only transfer personal data to third parties if this is necessary within the framework of the contract processing, for example to the companies entrusted with the delivery of the goods or to the credit institution entrusted with the payment processing. Further transfer of the data will not take place, or only if you have expressly consented to the transfer. Your data will not be passed on to third parties without your express consent, for example for advertising purposes. The basis for data processing is Art. 6 para. 1b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

2.21 Applications and prescreen

handling of applicant data

We offer you the opportunity to apply to work with us (e.g. by e-mail, post or via an online application form). In the following, we will inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with applicable data protection law and all other statutory provisions and that your data will be treated in strict confidence.

Scope and purpose of data collection

If you send us an application, we will process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews etc.) to the extent that this is necessary to decide whether to establish an employment relationship. The legal basis for this is § 26 of the BDSG (German Federal Data Protection Act) under German law (initiation of an employment relationship), Art. 6 para. 1b of the GDPR (general contract initiation) and - if you have given your consent - Art. 6 para. 1a of the GDPR. The consent may be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application. If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of § 26 BDSG and Art. 6 para. 1b GDPR for the purpose of implementing the employment relationship.

Retention period of the data

If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to retain the data you have provided on the basis of our legitimate interests (Art. 6 para. 1f GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data is then deleted and the physical application documents destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an imminent or pending legal dispute), the data will only be deleted when the purpose for continued storage no longer applies. Longer storage may also take place if you have given your consent (Art. 6 para. 1a GDPR) or if legal storage obligations prevent deletion.

Inclusion in the applicant pool

If we do not make you a job offer, we may be able to include you in our pool of applicants. In case of acceptance, all documents and details from the application will be transferred to the applicant pool in order to contact you in case of suitable vacancies. Inclusion in the applicant pool is based exclusively on your express consent (Art. 6 para. 1a GDPR). Giving consent is voluntary and is not related to the current application process. The data subject may revoke his/her consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, unless there are legal reasons for retention. The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given.

Forwarding of the data

Your data will mainly be processed by our HR department. However, in some cases other internal and external bodies are also involved in the processing of your data. Internal bodies may be departments or divisions or the works council of our company. We use Prescreen International GmbH as an external service provider. Prescreen International GmbH, Mariahilfer Strasse 17, A-1060 Vienna, Austria (hereinafter referred to as “Prescreen”), operates the e-recruiting system Prescreen under the domain *.jobbase.io (hereinafter referred to as “jobbase.io”), through which companies can place job advertisements and receive and manage applications. Within the scope of these activities, Prescreen processes personal data only on behalf of and for the purposes of ideenreich GmbH and is therefore a so-called processor within the meaning of Art. 4 no. 8 GDPR.
Jobbase.io is the central platform for our applicant management. When using our online form, your your personal data will be recorded directly in jobbase.io. Even in the case of a postal or e-mail application, your data may be transferred to the e-recruiting system.

Prescreen applicant tool

The Prescreen tool is provided for processing online applications.
Prescreen International GmbH
Mariahilfer Strasse 17
A-1060 Wien
If you have any questions regarding data protection law, please contact Prescreen International GmbH at datenschutz@prescreen.io

Automatically collected usage data

When accessing the jobbase.io domain, your internet browser automatically transfers certain usage data for technical reasons. This information is stored separately from other data in so-called log files. The following information is collected by Prescreen:
• date and time and duration of access,
• browser type/version,
• operating system used,
• URL of the previously visited website,
• volume of data transferred,
• a GeoIP lookup takes place using the IP address (Internet Protocol address),
• name of the retrieved files,
• http status code (e.g. “request successful”),
• and URL of the accessed website,
• access type (GET,POST).
This data is technically necessary to offer the functions of the e-recruiting system and to ensure its stability and security. It is stored by Prescreen for a period of 12 months. Data whose further retention is required for evidentiary purposes is exempt from deletion until the respective incident has been finally clarified. The legal basis for the processing of the data is Art. 6 para. 1f GDPR.

2.22 Affiliate marketing

Affiliate marketing is an Internet-based form of distribution. It enables commercial operators of websites (merchants) to display advertising, which is usually remunerated via click or sale commissions, on third-party websites, i.e. on the websites of sales partners (affiliates). On our website, we use the conversion tracking of the affiliate platform CJ.
For this purpose, cookies are set on end devices of users, which serve the sole purpose of a correct allocation of the success of an advertising medium and the corresponding billing and success-based remuneration of a publisher within the framework of the corresponding network. Personal data is not collected, processed or used in this context. In a cookie, only the information about when a particular advertising medium was clicked on by an end device is placed. In the tracking cookies, an individual sequence of numbers is stored, which cannot be assigned to the individual user, with which the partner programme of an advertiser, the publisher and the time of the user's action are documented. During this process, information about the end device, e.g. the operating system and the requesting browser, is also collected.

2.23 Hosting and Content Delivery Networks (CDN)

External hosting

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may include, but is not limited to, IP addresses, contact requests, metadata and communication data, contractual data, contact details, names, website traffic and other data generated via a website. The hoster is used for the purpose of contract fulfilment vis-à-vis our potential and existing customers (Art. 6 para. 1b of the DSGVO/GDPR) and in the interests of a secure, fast and efficient provision of our online services by a professional provider (Art. 6 para. 1f of the DSGVO/GDPR). Our hoster will only process your data to the extent that this is necessary for the fulfilment of its service obligations and will follow our instructions with regard to this data. We use the following hoster:
ANEXIA® Internetdienstleistungs GmbH
Feldkirchner Strasse 140
A-9020 Klagenfurt
Austria

Akamai Technologies GmbH
Parkring 22
D-85748 Garching
Germany

Order processing

We have concluded an order processing agreement (“AVV”) with the above-mentioned provider. This is a contract required by data protection law, which ensures that this company only processes the personal data of our website visitors in accordance with our instructions and in compliance with the DSGVO/GDPR.

Akamai

We use the “Akamai” service. The provider is Akamai Technologies GmbH (hereinafter “Akamai”). Akamai offers a globally distributed Content Delivery Network with DNS. In this process, the transfer of information between your browser and our website is technically routed via the Akamai network. This enables Akamai to analyse traffic between your browser and our website and act as a filter between our servers and potentially malicious traffic from the Internet. In doing so, Akamai may also use cookies or other technologies to recognise Internet users, but these are used solely for the purpose described here. The use of Akamai is based on our legitimate interest in making our website as error-free and secure as possible (Art. 6 para. 1f of the DSGVO/GDPR).

Order processing

We have concluded an order processing agreement (“AVV”) with the above-mentioned provider. This is a contract required by data protection law, which ensures that this company only processes the personal data of our website visitors in accordance with our instructions and in compliance with the DSGVO/GDPR.

3. What rights do you have regarding your data?

3.1 Revocation of your consent to data processing

Many data processing operations are only possible with your explicit consent. You may revoke consent you have already given at any time. All you need to do is send us an informal message by e-mail. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

3.2 Data protection rights

Every Customer has the right to information under Article 15 of the GDPR, the right to rectification under Article 16 of the GDPR, the right to erasure under Article 17 of the GDPR, the right to restriction of processing under Article 18 of the GDPR, the right of objection under Article 21 of the GDPR and the right to data portability under Article 20 of the GDPR. With regard to the right to information and the right to erasure, the restrictions according to §§ 34 and 35 BDSG apply. In addition, there is a right of appeal to a data protection supervisory authority (Article 77 GDPR in conjunction with § 19 BDSG). The Customer may find the legal texts here. Please use the information given in point 2.1 of this Data Protection Statement to assert your rights. When doing so, please ensure that we are able to clearly identify you.

3.3 Right of objection and other rights

If the Customer has given his/her consent to the processing of personal data relating to him/her for one or more specific purposes, the Customer shall be entitled to revoke the consent with effect for the future. In particular, the Customer has the right to object to the processing of personal data within the scope of legitimate interests at any time and free of charge with effect for the future. For this purpose, it is sufficient to send an e-mail to datenschutz@parfumdreams.de or to the address mentioned in point 1. Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his/her residence, place of work or the place of the alleged infringement, if the data subject considers that the processing of personal data relating to him/her infringes this Regulation. A list of data protection officers and their contact details may be found via the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

3.4 Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in performance of a contract handed over to you or to a third party in a common, machine-readable format. If you ask for the data to be transferred directly to another responsible party, this will only be done insofar as it is technically feasible.

3.5 Encrypted payment transactions on this website

If, after the conclusion of a contract involving costs, there is an obligation to provide us with your payment data (e.g. account number in the case of direct debit authorisation), this data is required for the processing of payments. Payment transactions via the common means of payment (Visa/MasterCard, direct debit, PayPal etc.) are made exclusively via an encrypted SSL or TLS connection. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser bar. With encrypted communication, your payment data that you transmit to us cannot be read by third parties. 3.6 Information, blocking, deletion Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if applicable, a right to correction, blocking or erasure of this data. You can contact us at any time at the address given in the legal notice for this purpose and for further questions on the subject of personal data.

3.6 Information, blocking, deletion

You have the right to free information about your stored personal data, their origin and recipients and the purpose of data processing and, if necessary, a right to correction, blocking or deletion of this data at any time within the scope of the applicable legal provisions. You can contact us at any time at the address given in the imprint if you have any further questions on the subject of personal data.

3.7 Storage period

Upon the complete settlement of the contract, which includes the full payment of the agreed remuneration, the client's data, which must be kept for legal reasons, will be blocked. This data is no longer available for further use. After the legal reason has ceased to exist, this blocked data is deleted. In the event that the Customer uses the contact form, the personal data will be used for the duration of the processing of the enquiry. Subsequently, the data that must be retained for legal reasons is blocked. This data is no longer available for further use. The responsible person is subject to various storage and documentation obligations, which result, among other things, from the German Federal Lawyers' Act (BRAO) and the German Fiscal Code (AO). The time limits specified there for storage and documentation are between two and ten years. Finally, the storage period is also assessed according to the statutory limitation periods which, for example, according to §§ 195 et seq. of the German Civil Code (BGB), are usually three years, but in certain cases may be up to thirty years. Otherwise, the personal data will be deleted unless the Customer has expressly consented to further processing and use of his/her data. The data collected via Google Analytics, AdWords, Doubleclick, AdSense and Analytics Remarketing is stored for 50 months. Log files are stored for 14 days.

4. Contact details of the data protection officer

If you have any questions about this Data Protection Statement or generally about the processing of your data within the scope of this online offer, please contact our data protection officer:

Parfümerie akzente GmbH
Data Protection Officer
Meisenstrasse 12
D-74629 Pfedelbach

E-mail: datenschutz@parfumdreams.de

5. Social media

Our social media presence

Data processing through social networks We maintain publicly accessible profiles on social networks. The social networks we use in detail may be found below.
Social networks such as Facebook, Twitter etc. can generally analyse your user behaviour comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media sites triggers numerous processing operations relevant to data protection. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal may assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your terminal device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising may be displayed on all devices on which you are or were logged in.
Please also note that we are not able to track all processing on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection regulations of the respective social media portals.

Legal basis

Our social media presences are designed to ensure the broadest possible presence on the internet. This is a legitimate interest within the meaning of Art. 6 para. 1f GDPR. The analytical processes initiated by the social networks may be based on different legal grounds which must be stated by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1a GDPR).
Responsible Party and assertion of rights
If you visit one of our social media presences (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You may exercise your rights (information, correction, erasure, restriction of processing, data portability and complaint) both vis-à-vis us and vis-à-vis the operator of the respective social media portal (e.g. vis-à-vis Facebook).
Please note that, despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our options are largely determined by the corporate policy of the respective provider.

Storage period

The data collected directly by us via the social media presence will be deleted from our systems as soon as you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory legal provisions - especially retention periods - remain unaffected. We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their data protection policy; see below).

Social networks in detail

Facebook

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter referred to as “Meta”). According to Meta, the data collected is also transferred to the USA and other third countries.
We have entered into a joint processing agreement (Controller Addendum) with Meta. This agreement specifies the data processing operations for which we or Meta are responsible when you visit our Facebook page. You may view this agreement via the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You may adjust your advertising settings independently in your user account. To do so, click on the following link and log in:
https://www.facebook.com/settings?tab=ads.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details may be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum and
https://de-de.facebook.com/help/566994660333381.
For details, please refer to Facebook's data protection statement:
https://www.facebook.com/about/privacy/.

Twitter

We use the short message service Twitter. The provider is Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.
You may adjust your Twitter data protection settings independently in your user account.
To do so, click on the following link and log in:
https://twitter.com/personalization.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details may be found here:
https://gdpr.twitter.com/en/controller-to-controller-transfers.html. For details, please refer to Twitter's data protection statement: https://twitter.com/de/privacy.

Instagram

We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited,4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details may be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://help.instagram.com/519522125107875 and
https://de-de.facebook.com/help/566994660333381.
For details on how they handle your personal data, please refer to Instagram's data protection statement:
https://help.instagram.com/519522125107875.

XING

We have a profile on XING. The provider is New Work SE, Dammtorstrasse 30, D-20354 Hamburg, Germany. For details on how they handle your personal data, please refer to XING's data protection statement:
https://privacy.xing.com/de/datenschutzerklaerung.

LinkedIn

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you would like to deactivate LinkedIn advertising cookies, please use the following link:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details may be found here:
https://www.linkedin.com/legal/l/dpa and
https://www.linkedin.com/legal/l/eu-sccs.
For details on how they handle your personal data, please refer to LinkedIn's data protection statement:
https://www.linkedin.com/legal/privacy-policy.

YouTube

We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For details on how they handle your personal data, please refer to YouTube's data protection statement:
https://policies.google.com/privacy?hl=de.

TikTok

We have a profile on TikTok. The provider is TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. For details of how they handle your personal data, please refer to TikTok's data protection statement:
https://www.tiktok.com/legal/privacy-policy?lang=de.
Data transfer to non-secure third countries is based on the standard contractual clauses of the EU Commission. Details may be found here:
https://www.tiktok.com/legal/privacy-policy?lang=de.

Competitions

We take the protection of your personal data very seriously and treat it confidentially and in accordance with the statutory data protection regulations and this Data Protection Statement. This Data Protection Statement applies to the conduct of competitions. It explains the nature, purpose and scope of the data collection in the context of the processing activity.

General storage period of personal data
Your personal data will be stored for the duration of the competition, until 30 days after the end of the competition and then deleted.

Legal basis for the storage of personal data
The processing of personal data is only allowed if there is an effective legal basis for the processing of such data. If we process your data, this is regularly done on the basis of your consent in accordance with Art. 6 para. 1a GDPR (e.g. if you voluntarily provide your data in the logon screen or as part of the contact form), for the purpose of contract performance in accordance with Art. 6 para. 1b GDPR (e.g. for the performance of ordered services) or on the basis of legitimate interests in accordance with Art. 6 para. 1f GDPR, which are always weighed against your interests (e.g. as part of advertising measures). The relevant legal bases will be specified in a separate section of this Data Protection Statement, if applicable.

Purpose of the processing
We process your personal data for the purpose of conducting the competition. In order to ensure a smooth process, the data of the participants for the draw and the data of the winners for sending the prizes is required.

Categories of data collected from participants in the competition
To enter the competition, we collect the following personal data from you:
☒ first name and surname
☒ e-mail address

Categories of data collected from winners in the competition
The data subjects whose data we collect and process refer to:
☒ first name and surname
☒ e-mail address
☒ postal address
The processing of this personal data is necessary to ensure the performance of the processing activity. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 para. 1f GDPR, your consent within the meaning of Art. 6 para. 1a GDPR and/or - if a contract has been concluded - the fulfilment of our contractual obligations (Art. 6 para. 1b GDPR).

Recipients or categories of recipients of the personal data
The collected data is stored with us. The circle of authorised persons and the access possibilities to the data are limited to the minimum necessary. There is no transfer to service providers or other third parties.

Conditions of participation
You may take part in our competition after registering and logging in. In order to participate in the competition, we must be allowed to store and process your data.
You give us your consent for this when you register. Anyone who is not prepared to do this cannot take part in the competition. Persons from Germany who have reached the age of 18
are eligible to participate. The prizes will only be dispatched within Germany. Parfümerie Akzente GmbH reserves the right to exclude participants who violate the conditions of participation or who attempt to influence the competition in any way through technical manipulation. In the event of exclusion from the competition, the prizes may also be subsequently withdrawn and reclaimed.

Distribution of profits
The winners will be selected at random within 7 days of the end of the competition. The winners will be informed by e-mail. Each winner must contact us within 5 working days by e-mail to service@parfumdreams.it with their address details. If a winner does not respond within this period, the prize will be raffled again among all participants. The name and e-mail address of the participants and the name, e-mail address and postal address of the winners will be stored. This is done for the purpose of determining the winners and dispatching the prizes. The data will not be passed on to third parties. This data will be deleted after 30 days. Participants are entitled to statutory rights of information, amendment and revocation. In all other respects, our corresponding Data Protection Statement applies. Parfümerie Akzente GmbH reserves the right to cancel or terminate the competition at any time. This applies in particular in the event of force majeure or if the competition cannot be carried out or continued for other (organisational, technical or legal) reasons. The participants shall not be entitled to any claims in such a case.

Liability
Parfümerie Akzente GmbH shall not be liable for damages in connection with participation in the competition or with the acceptance and use of the prize, unless the competition provider or its vicarious agents act intentionally or with gross negligence. This shall not affect any claims for compensation based on injury to life, limb and health or essential contractual obligations. Should one or more of the above clauses be or become wholly or partially void, ineffective or unenforceable, the remaining conditions shall remain effective. A corresponding valid clause shall take its place. The same shall apply if there is a loophole.

6. Analytical tools and advertising

6.1 Google Analytics

For the purpose of analysing the use of the website, the personal data of the Customer which is transferred to the Responsible Party will be made available to the following recipient: - Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This website uses Google Analytics, a web analysis service provided by Google Ireland Limited (“Google”). Google Analytics uses so-called “cookies”, text files which are stored on the Customer's PC and which enable an analysis of the Customer’s use of the website. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. In the event that IP anonymisation is activated on this website, however, Google’s IP address will be truncated beforehand within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server and truncated there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and Internet usage to the website operator. The IP address transmitted by the Customer’s browser as part of Google Analytics is not merged with other Google data. The Customer may refuse the use of cookies by selecting the appropriate settings on his/her browser; however, please note that if you do this, you may not be able to use the full functionality of this website. In addition, the Customer may prevent the collection of the data generated by the cookie and related to his/her use of the website (incl. the IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en The Customer may prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent future collection of his/her data when visiting this website: Google Analytics deactivate. The Customer may find more detailed information on this at https://tools.google.com/dlpage/gaoptout?hl=en or at https://www.google.com/intl/en/analytics/privacyoverview.html (general information on Google Analytics and data protection). The Responsible Party shall inform the Customer that, on this website, Google Analytics has been extended by the code “anonymizeIp” (“analytics.js”) in order to ensure anonymised collection of IP addresses (so-called IP masking). Personal data will not be made available to third parties without the written consent of the Customer, unless this is required by law.

6.2 Google AdSense

This website uses Google AdSense, an advertising integration service provided by Google Ireland Limited (“Google”). The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google AdSense uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. Google AdSense also uses so-called web beacons (invisible graphics). These web beacons can be used to evaluate information such as visitor traffic on these pages. The information generated by cookies and web beacons about the use of this website (including your IP address) and the delivery of advertising formats is transmitted to a Google server and stored there. This information may be passed on by Google to Google's contractual partners. However, Google will not merge your IP address with other data stored by you. The storage of AdSense cookies is based on Art. 6 para. 1f GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising. You may refuse the use of cookies by selecting the appropriate settings on your browser; however, please note that if you do this, you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

6.3 Google Analytics Remarketing

Our websites use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This function makes it possible to link the advertising target groups created by Google Analytics Remarketing with the cross-device functions of Google AdWords and Google DoubleClick. In this way, interest-based, personalised advertising messages that have been adapted to you on one end device (e.g. mobile phone), depending on your previous usage and surfing behaviour, can also be displayed on another of your end devices (e.g. tablet or PC). If you have given your consent, Google will link your web and app browsing history to your Google account for this purpose. In this way, the same personalised advertising messages can be displayed on every device on which you log in with your Google account. To support this feature, Google Analytics collects Google-authenticated IDs of users, which are temporarily linked to our Google Analytics data to define and create target groups for cross-device advertising. You can permanently object to cross-device remarketing/targeting by deactivating personalised advertising in your Google account; to do this, follow this link: https://www.google.com/settings/ads/onweb/. The aggregation of the collected data in your Google account is based solely on your consent, which you can give or revoke with Google (Art. 6 para. 1a GDPR). In the case of data collection processes that are not merged in your Google account (e.g. because you do not have a Google account or have objected to the merging), the collection of the data is based on Art. 6 para. 1f GDPR. The legitimate interest results from the fact that the website operator has an interest in the anonymised analysis of website visitors for advertising purposes. Further information and the data protection provisions can be found in Google’s data protection regulations at: https://www.google.com/policies/technologies/ads/.

6.4 Google AdWords and Google Conversion-Tracking

This website uses Google AdWords. AdWords is an online advertising programme of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Within the framework of Google AdWords, we use so-called conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the Internet browser stores on the user’s computer. These cookies lose their validity after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognise that the user has clicked on the ad and been redirected to this page. Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to create conversion statistics for AdWords customers who have opted in to conversion tracking. Customers can find out the total number of users who have clicked on their ad and have been redirected to a page tagged with a conversion tracking tag. However, they do not receive any information with which users can be personally identified. If you do not wish to participate in the tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your Internet browser under user settings. You will then not be included in the conversion tracking statistics. The storage of “conversion cookies” is based on Art. 6 para. 1f GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising. You can find more information about Google AdWords and Google Conversion Tracking in Google's data protection regulations: https://www.google.de/policies/privacy/. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.

6.5 Facebook Pixel

Our website uses the visitor action pixel of Facebook, Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) for conversion measurement. In this way, the behaviour of page visitors can be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and to optimise future advertising measures. The data collected is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook data usage policy. This allows Facebook to place ads on Facebook pages as well as outside of Facebook. This use of data cannot be influenced by us as the site operator. You can find more information about protecting your personal privacy in Facebook's data protection notice: https://www.facebook.com/about/privacy/. You may also deactivate the “Custom Audiences” remarketing function in the Advertising Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook. If you do not have a Facebook account, you can disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/uk/your-ad-choices.

6.6 Use of Webtrekk

In order to constantly improve and optimise our offer, we use so-called tracking technologies. We use the services of Webtrekk for this purpose. For the statistical analysis of the web pages, we also use the technologies of Webtrekk GmbH, Robert-Koch-Platz 4, D-10115 Berlin, Germany (www.webtrekk.de). With the help of the services of Webtrekk, we collect statistical data on the use of our web content. This data is used to permanently improve and optimise the parfumdreams.it shop and our offers and thus to make them more interesting for you. Webtrekk GmbH has been certified by TÜV Saarland in the area of data protection for the web controlling software used by parfumdreams.it. In particular, the collection and processing of tracking data has been checked and certified for data protection conformity and data security. In the course of using these websites, information transmitted by your browser is collected and analysed. This is achieved through cookie technology and so-called pixels, which are embedded on every website. The following data is collected: request (file name of the requested file), browser type/version, browser language, operating system used, internal resolution of the browser window, screen resolution, JavaScript activation, Java on/off, cookies on/off, colour depth, referrer URL, IP address (only collected anonymously and deleted immediately after use), time of access, clicks, order values, shopping baskets and anonymised form content (for example, whether a telephone number was entered or not). A direct reference to a person is not possible at any point. The data collected in this way is used to create anonymous usage profiles that form the basis for web statistics. The data collected using Webtrekk technologies will not be used to personally identify the visitor to these websites without the separately granted consent of the person concerned and will not be merged at any time with personal data about the bearer of the pseudonym. The collection and storage of data by Webtrekk may be objected to at any time with effect for the future. To do this, please click on the following Link. By clicking on the link, a so-called opt-out cookie is set on your data carrier. This cookie has a validity of 10 years. Please note that, if you delete all cookies on your computer, this opt-out cookie will also be deleted, i.e. if you still want to object to the anonymised data collection by Webtrekk, you must set the opt-out cookie again. The opt-out cookie is set for each browser and computer. If you visit our web pages from home and work or with different browsers, you must activate the opt-out cookie in the different browsers or on the different computers. [T]Click here to read Webtrekk EIDs[/T]

6.7 Use of ADTECH

ADTECH’s data collection and storage practices are compliant with German data protection law and comply with the provisions of the Privacy Preferences Project (P3P) established by the World Wide Web Consortium. In accordance with this policy, ADTECH does not collect personal information about users at any time without their express consent. As part of the ad serving process, ADTECH collects the following non-personal data on behalf of its clients with the use of a cookie:

  • browser type
  • operating system
  • date and time when a specific auto-promotion was delivered.

This data allows us to measure the delivery of messages. For example, the number of clicks on a message or how often a particular message was delivered to an individual user. ADTECH respects the user’s wish for anonymisation and a waiver of cookies. You can change your settings here: https://policies.oath.com/us/en/oath/privacy/index.html. The ADTECH ad server will then no longer set any more cookies on your browser. ADTECH is available for all further questions regarding data protection by e-mail and also by telephone: +49 (0) 6103 - 5715-0.

6.8 Kameleoon

Kameleoon is an SaaS solution that enables A/B testing and web personalisation. Kameleoon’s customers and partners use the solution to gain a better understanding of how their website is being used and to provide an optimised user experience for their customers. Kameleoon does not store any personal data. However, you may object to the use of Kameleoon at any time by clicking on the following link: Opt-out

6.9 reCaptcha

For security purposes, this site uses reCaptcha, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). This service determines whether the input on an Internet form is by a human or taking place improperly by the use of automated machine processing. In the process, your previously truncated IP address and possibly other data required for the service will be transmitted to Google. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. The data transmitted by your browser as part of reCaptcha will not be merged with other Google data. For more information about Google's data protection guidelines, please visit: https://www.google.com/intl/de/policies/privacy.

6.10 Use of Outbrain

This website uses retargeting technology from Outbrain Inc (“Outbrain”, 39 W 13th Street, New York, NY 10011, USA). This makes it possible to target those Internet users on our partners’ websites who have already shown an interest in our recommendations. With retargeting, the advertising material is displayed on the basis of a cookie-based analysis of previous user behaviour. These ads will only appear on Outbrain advertising spaces, either those of Outbrain Engage or the Outbrain Extended Network. If you do not wish to be shown Interest-based advertising, you can deactivate this function here.

6.11 Use of Mouseflow

This website uses Mouseflow, a web analysis tool provided by Mouseflow ApS, Flaesketorvet 68, DK-1711 Copenhagen, Denmark. The data processing serves the purpose of analysing this website and its visitors. For this purpose, data is collected and stored for marketing and optimisation purposes. From this data, usage profiles can be created under a pseudonym. Cookies may be used for this purpose. The web analysis tool Mouseflow records randomly selected individual visits (only with an anonymised IP address), creating a log of mouse movements and clicks with the aim of randomly replaying individual website visits and deriving potential improvements for the website from them. The data collected with Mouseflow will not be used to personally identify the visitor to this website without the separately granted consent of the person concerned and will not be merged with personal data about the bearer of the pseudonym. The processing is carried out on the basis of Art. 6 para. 1f GDPR from the legitimate interest in direct customer communication and in the needs-based design of the website. You have the right to object to this processing of your personal data based on Art. 6 para. 1f GDPR at any time for reasons that arise from your particular circumstances. To do this, you can deactivate a recording on all websites that use Mouseflow globally for the browser you are currently using via the following link: https://mouseflow.de/opt-out/

7. Newsletter

7.1 Newsletter data

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties. The processing of the data entered in the application form for the newsletter is based exclusively on your consent (Art. 6 para. 1a GDPR). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation. The data you provide us with for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the members’ area) remains unaffected by this. In addition to the data you provided during registration, the following additional information is also stored: IP address, exact time. The use of data to receive a newsletter by e-mail can be revoked at any time without incurring any costs other than the transmission costs at the basic rates. In every newsletter, you will find a link through which you can revoke the use of the data. If, on the other hand, you would like to unsubscribe from our newsletter via our shop, please use the “forgotten password” function ForgotPassword. After entering your e-mail address and clicking on the “send new password” button, you will receive a confirmation link. By confirming this link, you can create a new password and log in with your email address and this password. You can then unsubscribe from the newsletter at: My parfumdreams - My data. There, you can also view the other information stored about you.

8. Service-Mails

The service e-mails inform you when an item on your notepad is available again and allow us to send you an e-mail after you have placed an order, with a request to rate this order/these products.

9. Live-Chat

Our websites optionally offer the use of Userlike, a live chat software of Userlike UG (entrepreneurial company, limited liability), Deisterweg 7, D-51109 Cologne, Germany. The information about your use of the live chat is collected, stored and processed on Userlike servers in Germany. For more information, please refer to Userlike’s data protection notice: https://www.userlike.com/en/terms.

10. Chatbots

We offer a so-called “chatbot” as a communication option. A chatbot is software that answers users’ questions or informs them of messages. When you engage in a conversation with our chatbot, we may process your personal data. If you communicate with the chatbot within an online platform, your ID is also stored within the platform (e.g. the Facebook ID in the case of Facebook Messenger). We may also collect information about which users interact with our chatbot and when. Furthermore, we store the content of your conversations exchanged with the chatbot and log registration and consent processes in order to be able to prove them in accordance with legal requirements. We would like to point out that the respective platform provider can find out if and when users communicate with our chatbot as well as technical information about the device used by the users and, depending on the settings of their device, also location information (so-called metadata) for the purpose of optimising the respective services and for security purposes. Likewise, the metadata of the communication via chatbot (i.e. information on who communicated with whom, for example) could be used by the respective platform providers in accordance with their regulations, to which we refer for further information, for the purpose of marketing or displaying advertising tailored to users. If users agree to the chatbot activating information with regular messages, they have the option to unsubscribe from the information at any time in the future. The chatbot instructs users how and with which terms they can unsubscribe from the messages. By unsubscribing from chatbot messages, user data is deleted from the list of message recipients. We use the aforementioned information to operate our chatbot, e.g. to reach out to users personally, to answer your queries to the chatbot, to transmit any requested content, as well as to improve our chatbot (e.g. to “teach” it answers to frequently asked questions or to recognise unanswered queries).

11. WhatsApp newsletter and WhatsApp Customer Service

We offer the possibility to contact our Customer Service via WhatsApp, the messenger service of WhatsApp Inc. In addition, we offer a newsletter via WhatsApp, which you will only receive after explicitly registering for it. The WhatsApp newsletter is independent of the newsletter via e-mail and independent of the Customer Service via WhatsApp. You have the option to unsubscribe from the WhatsApp newsletter at any time by sending us the word “stop” as a reply to the newsletter in WhatsApp. All your data will be deleted. To process Customer Service requests via WhatsApp and to send the newsletter via WhatsApp, we use the service provider Whappodo.com, a service of Whappodo.COM! GmbH, Walter-Kolb-Strasse 5-7, D-60594 Frankfurt, Germany. Your telephone number and WhatsApp nickname will only be used for the WhatsApp Customer Service or WhatsApp newsletters and will not be passed on to third parties. All data is transmitted to the service provider in encrypted form. You can find more information about the data protection of Whappodo.com here: https://www.whappodo.com/de/popup/datenschutz. Information on the data protection of WhatsApp Inc. can be found here: https://www.whatsapp.com/legal/.

12. Payment providers

12.1 PayPal

On our website we offer, among other things, payment via PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”). If you select payment via PayPal, the payment data you enter will be transmitted to PayPal. The transmission of your data to PayPal is based on Art. 6 para. 1a GDPR (consent) and Art. 6 para. 1b GDPR (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of past data processing operations.

12.2 Klarna

In order to be able to offer you Klarna’s payment options, we will transmit personal data, such as contact details and order data, to Klarna. This enables Klarna to assess whether you are eligible for the payment options offered via Klarna and to adapt the payment options to your needs. You can find general information about Klarna here. Your personal information will be treated by Klarna in accordance with applicable data protection regulations and as set out in Klarna's data protection regulations.

12.3 Instant bank transfer

On our website we offer, among other things, payment by “instant bank transfer”. The provider of this payment service is Klarna Bank AB, Sveavägen 46, S-111 34 Stockholm, Sweden (hereinafter referred to as “Klarna”). With the help of the “instant bank transfer” procedure, we receive a payment confirmation from Klarna in real time and can immediately begin to fulfil our obligations. If you have opted for the “instant bank transfer” payment method, you send the PIN and a valid TAN to Klarna, with which they can log into your online banking account. After logging in, Klarna automatically checks your account balance and carries out the transfer to us using the TAN you have sent. They then immediately send us a transaction confirmation. After logging in, your turnover, the credit limit of the overdraft facility and the existence of other accounts and their balances are also checked automatically. In addition to the PIN and the TAN, the payment data you have entered as well as data about yourself are also transmitted to Klarna. Your personal data includes your first name and surname, address, telephone number(s), e-mail address, IP address and any other data required for payment processing. The transmission of this data is necessary to establish your identity beyond doubt and to prevent attempts at fraud. The transfer of your data to Klarna is based on Art. 6 para. 1a GDPR (consent) and Art. 6 para. 1b GDPR (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of past data processing operations. For details on paying by instant bank transfer, please see the following links: https://www.sofort.de/datenschutz.html and https://www.klarna.com/sofort/.

12.4 Paydirekt

On our website we offer, among other things, payment via Paydirekt. The provider of this payment service is Paydirekt GmbH, Hamburger Allee 26-28, D-60486 Frankfurt am Main, Germany (hereinafter referred to as “Paydirekt”). When you make a payment using Paydirekt, Paydirekt collects various transaction data and forwards this to the bank with which you are registered with Paydirekt. In addition to the data required for the payment, Paydirekt may collect further data such as the delivery address or individual items in the shopping basket as part of the transaction processing. Paydirekt then authenticates the transaction using the authentication procedure deposited with the bank for this purpose. The payment amount will then be transferred from your account to ours. Neither we nor third parties have access to your account details. For details on payment with Paydirekt, please refer to the General Terms and Conditions and the data protection regulations of Paydirekt at: https://www.paydirekt.de/agb/index.html.

12.5 Amazon Pay

AOn our website we offer, among other things, payment via Amazon Pay. The provider of this payment service is Amazon Payments Europe S.C.A., 5, Rue Plaetis, L-2338 Luxembourg (hereinafter referred to as “Amazon Pay”). If you select payment via Amazon Pay, the payment data you enter will be transmitted to Amazon Pay. The transfer of your data to Amazon Pay is based on Art. 6 para. 1a GDPR (consent) and Art. 6 para. 1b GDPR (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of past data processing operations.

12.6 Barzahlen.de

On our website we offer, among other things, payment via Barzahlen.de. The provider of this payment service is Cash Payment Solutions GmbH, Wallstrasse 14a, D-10179 Berlin, Germany (hereinafter referred to as “Barzahlen.de”). If you select payment via Barzahlen.de, the payment data you enter will be transmitted to Barzahlen.de. The transfer of your data to Barzahlen.de is based on Art. 6 para. 1a GDPR (consent) and Art. 6 para. 1b GDPR (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of past data processing operations.

12.7 Credit card

On our website we offer, among other things, payment by credit card. The carrier of this payment service is TeleCash GmbH & Co. KG, Marienbader Platz 1, D-61348 Bad Homburg, Germany (hereinafter referred to as “Telecash”). If you choose to pay by credit card, the payment details you enter will be sent to Telecash. The transfer of your data to Telecash is based on Art. 6 para. 1a GDPR (consent) and Art. 6 para. 1b GDPR (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of past data processing operations.

13. Links to other websites

We occasionally refer to the websites of third parties. Although we carefully select these third parties, we cannot assume any guarantee or liability for the accuracy or completeness of the content and the data security of third-party websites. Nor does this Data Protection Statement apply to linked third-party websites.

14. Amendments to this Statement

Insofar as we introduce new products or services, change Internet procedures or if Internet and IT security technology develops further, the “Data Protection Statement” has to be updated. We therefore reserve the right to amend or supplement the Statement as required. We will publish the changes here. You should therefore visit this website regularly to check the current status of the Data Protection Statement.

Download as a PDF
To open, read and print the PDF file, you need Acrobat Reader, which you can download free of charge via the following link: http://www.adobe.com
(Status as at 13/09/2022)