Go to homepage
Shopping cart €0.00

Privacy Policy 

Below, we provide information about how we process your personal data. Personal data, as defined in Article 4 of the GDPR, refers to any information relating to an identified or identifiable natural person (such as name, address, telephone number, email address, invoices, bank details, etc., as well as your user behaviour).

Contents

  1. Contact details  

  2. Lawfulness of the processing of personal data

  3. Collection and storage of personal data, as well as the nature and purpose of its use

  4. Retention period and data erasure

  5. Disclosure of data to third parties

  6. Hosting

  7. Cookies

  8. Payment service providers

  9. Credit reference checks

10. Analytics services

11. Social media services

12. Other online services

13. Data subject rights

14. Right to object

15. Data security

16. Validity and amendments to this privacy policy 


1. Contact details

This privacy policy applies to data processing by the following data controller:

Data controller: Axel Eickhoff 
Address: Auf der Hardt 20, 79100 Freiburg 
Email: info@daskreativeklassenzimmer.de 
Telephone: 07667-942470 
Fax: - 

2. Lawfulness of the processing of personal data

We generally collect and use our users’ personal data only to the extent necessary to provide a functional website and our content and services. The collection and use of our users’ personal data generally takes place only with the user’s consent. An exception applies in cases where obtaining prior consent is not possible for practical reasons or where the processing of the data is permitted by statutory provisions.

In accordance with Article 6 of the General Data Protection Regulation (GDPR), the processing of personal data is lawful if one or more of the following conditions are met:

- You have given your explicit consent to the processing in accordance with Article 6(1)(a) of the GDPR,

- the processing is necessary, pursuant to Article 6(1)(b) of the GDPR, for the performance of a contract with you or for the implementation of pre-contractual measures taken at your request,

- we are under a legal obligation to process the data pursuant to Article 6(1)(c) of the GDPR,

- the processing is necessary to protect your vital interests or those of another natural person, Article 6(1)(d) GDPR,

- the processing is necessary, pursuant to Article 6(1)(e) of the GDPR, for the performance of a task carried out in the public interest or in the exercise of official authority vested in us,

- processing is necessary pursuant to Article 6(1)(f) of the GDPR to safeguard our legitimate interests or those of a third party, provided that your interests or fundamental rights and freedoms requiring the protection of personal data do not override those interests.


3. Collection and storage of personal data, as well as the nature and purpose of its use

When using our website, we may process personal data from users of our website (who may be customers, prospective customers or visitors to our website), such as contact details, usage data and communication data.  

This is done, amongst other things, for the purpose of providing a functioning online service, communicating with users of our website, processing contact enquiries or customer enquiries, and for the purpose of fulfilling contractual obligations. In addition, cookies are set when you visit our website (see the ‘Cookies’ section in this privacy policy). We may also use third-party online services, for example – subject to your consent – to collect and process data for marketing purposes. Further details on this can be found in this privacy policy.

Below, we explain what data may be collected from you and for what purpose it may be processed. 

When visiting the website

When you access our website, the browser used on your device automatically sends information to our website’s server. This information is temporarily stored in a so-called log file. The following information may be collected without any action on your part and – unless otherwise specified – stored until it is automatically deleted after a maximum of 30 days:


- IP address of the requesting computer

- Date and time of access

- Content of the request (specific page)

- Name and URL of the file accessed

- Access status/HTTP status code

- Amount of data transferred in each case

- Website from which the access originated (referrer URL)

- Browser used and, where applicable, your computer’s operating system and the name of your internet service provider

- Language and version of the browser software


Where such data is collected, we process it for the following purposes:  

- To ensure the website connects smoothly,

- Ensuring a user-friendly experience on our website,

- Evaluating system security and stability, and

- For other administrative purposes.


The legal basis for data processing is Article 6(1)(f) of the GDPR. Our legitimate interest arises from the purposes of data collection listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your identity.

In addition, we may use cookies and online services when you visit our website. Further details can be found in this privacy policy.


Pre-contractual negotiations/performance of a contract

We process personal data that we receive in the context of pre-contractual enquiries and within the framework of our business relationship. For example, the following personal data may be collected and processed by us: title, first name and surname, address, telephone number, email address, IBAN / credit card number together with security code (in each case only where this is necessary for the processing of payments). 

Furthermore, data may be disclosed to third parties (see section 5 “Disclosure of data to third parties” in this privacy policy). 

The processing and storage of the data you provide is carried out on the basis of Article 6(1)(b) of the GDPR for the purpose of fulfilling a contract or taking pre-contractual measures. In all other cases, we process and store your data on the basis of your consent pursuant to Article 6(1)(a) of the GDPR, as well as on the basis of our legitimate interest in processing the enquiry addressed to us pursuant to Article 6(1)(f) of the GDPR. 

Provided there are no statutory retention periods to the contrary, the data collected and stored from you will be deleted as soon as the purpose of storage no longer applies and storage is no longer necessary (e.g. your enquiry has been processed or the business relationship has ended). 


When subscribing to our newsletter

You have the option to subscribe to our newsletter. To do so, we require your email address and, if applicable, your name (provided voluntarily) so that we can address you in the newsletter. 

We use the so-called double opt-in procedure. Accordingly, once you have registered, you will receive an email from us asking you to confirm your registration. By clicking on the activation link contained in the email, you confirm that you are the owner of the email address and wish to receive the newsletter. Provided you have given your express consent, we will use your email address on the basis of your consent in accordance with Article 6(1)(a) of the GDPR to send you our newsletter at regular intervals, containing information about our offers. 

If you do not confirm the activation link within three weeks, we will delete the email address registered for the newsletter.

The data collected is used solely for the purpose of sending the newsletter and documenting your consent. When you subscribe to the newsletter, we store your IP address and the date of registration. This storage serves solely as evidence in the event that a third party misuses an email address and subscribes to the newsletter without the authorised person’s knowledge.

We work with a mailing service provider to send out our newsletters. The data is usually transferred directly to the mailing service provider’s servers, possibly in the USA, and stored there. The mailing service provider uses this data to send out the newsletters and for statistical analysis on our behalf. 

As part of performance measurement, our newsletters contain so-called web beacons (small invisible graphics) for the collection of information. These are pixel-sized files that are retrieved from the email service provider’s servers when the emails are opened. This allows us to see, for example, whether the email has been opened. Technical data, such as IP address, browser type or the time of retrieval, is also recorded. This data is analysed solely to evaluate the reading behaviour of our newsletter recipients, thereby enabling us to tailor the content to their interests. It is not possible to opt out of performance tracking separately. If you do not wish to have your engagement measured, please unsubscribe from the newsletter entirely. 

The use of a mailing service provider for newsletter distribution and performance measurement is based on your consent in accordance with Article 6(1)(a) of the GDPR, as well as on our legitimate interests in accordance with Article 6(1)(f) of the GDPR in an efficient, user-friendly and secure newsletter system. A data processing agreement has been concluded in accordance with Article 28(3) sentence 1 of the GDPR.

You may unsubscribe from the newsletter at any time and withdraw your consent, with the result that the data stored for the purpose of receiving the newsletter will be deleted by us and you will no longer receive newsletters from us.   You can withdraw your consent by clicking on the unsubscribe link provided in every newsletter email or by sending a message to the contact details given in the legal notice.


Mailing service provider: 

CleverReach

Our newsletters are sent via the mailing service provider CleverReach GmbH & Co. KG // CRASH-Building, Schafjückenweg 2, 26180 Rastede, Germany.

You can view CleverReach’s privacy policy here:  

https://www.cleverreach.com/de/datenschutz/


When using our contact form

If you have any questions, we offer you the option of contacting us via a form provided on the website. You must provide your first name and surname as well as a valid email address so that we know who the enquiry is from and can respond to it. You may also provide your telephone number on a voluntary basis.

The processing and storage of the data you provide is carried out on the basis of Article 6(1)(b) of the GDPR for the purpose of handling your enquiry. Furthermore, we process your data on the basis of your consent pursuant to Article 6(1)(a) of the GDPR, as well as on the basis of our legitimate interest in processing the enquiry addressed to us pursuant to Article 6(1)(f) of the GDPR.

Provided there are no statutory retention periods to the contrary, the data collected and stored from you will be deleted as soon as the purpose for which it was stored no longer applies and storage is no longer necessary (e.g. your enquiry submitted via the contact form has been processed). 


When creating a customer account

You have the option to register with us and set up a customer account. The data required for this (such as your name, address and email address) is marked accordingly and can be found in the input form. Your personal data is stored in your customer account so that you do not have to re-enter this information when you visit our website again and place further orders, thereby simplifying the ordering process. Access to your customer account is protected by a password of your choice.

You may delete your customer account and withdraw your consent at any time, with the result that we will irrevocably delete the data stored in the customer account, provided that no statutory retention periods prevent this. To do so, simply send a message to the contact details provided in the legal notice (this can also be done by email).

The processing and storage of the data you have provided is carried out on the basis of Article 6(1)(a) of the GDPR within the scope of your previously given consent, and on the basis of Article 6(1)(b) of the GDPR within the scope of contract performance.



4. Retention period and data erasure


As a general rule, we only store personal data until the purpose for which you have entrusted the data to us has been fulfilled. After that, the data is permanently deleted. However, if there are statutory retention periods for the storage of personal data, we will store it for as long as we are legally obliged to do so. Such obligations regularly arise from legal obligations to provide evidence and retain records, which are regulated, amongst other things, in the German Commercial Code and the German Fiscal Code; for tax purposes, for example, this is ten years. Once the statutory retention period has expired, the data will be permanently deleted.

Any consent given to the processing and storage of your personal data pursuant to Article 6(1)(a) of the GDPR may be withdrawn at any time, with the result that the data – provided there are no statutory retention periods to the contrary – will be permanently deleted.

Further rights, through which you may prohibit us from processing your personal data, arise from Article 21(1) and (2) of the GDPR.

Information on the resulting right to object can be found in this privacy policy under the heading “Right to object”.


5. Disclosure of data to third parties


We will only disclose your personal data to third parties if:  

- you have given your explicit consent in accordance with Article 6(1)(a) of the GDPR,

- the disclosure is necessary pursuant to Article 6(1)(f) of the GDPR to safeguard our legitimate interests or those of a third party, such as for the exercise, defence or assertion of legal claims, provided that your interests or fundamental rights and freedoms requiring the protection of personal data do not override those interests,

- in the event that there is a legal obligation to disclose data pursuant to Article 6(1)(c) of the GDPR, 

- pursuant to Article 6(1)(b) of the GDPR for the purpose of payment processing to the payment service provider commissioned with payment processing, and pursuant to Article 6(1)(f) of the GDPR within the scope of our legitimate interests in being able to offer reliable and secure payment processes, as well as

- this is permitted by law and necessary under Article 6(1)(b) of the GDPR for the performance of contractual relationships with you, such as the transfer of address details to a transport company. Data may also be passed on to a dropshipper, who will then dispatch the goods to you on our behalf. If you order goods to be sent to an address other than your own, this is done on the basis of our legitimate interests pursuant to Article 6(1)(f) of the GDPR in the proper fulfilment of the contractual relationship.


Where necessary, a data processing agreement in accordance with Article 28(3) sentence 1 of the GDPR has been concluded with the service provider used.

In the event that the customer’s personal data is processed in a third country (outside the EU), this is done within the scope of the customer’s prior consent, in the context of contract performance or on the basis of existing legal obligations. Any transfer of data shall be carried out in compliance with legal requirements. In particular, the provisions of Articles 44 to 49 of the GDPR apply here.

A transfer is generally based on an adequacy decision by the European Commission. In the case of a third country for which no adequacy decision exists, data transfers are based, amongst other things, on the standard contractual clauses available via the link below as suitable safeguards for the protection of personal data:

https://commission.europa.eu/publications/standard-contractual-clauses-international-transfers_de

On 10 July 2023, the European Commission adopted the adequacy decision for the EU-US Data Privacy Framework – or ‘DPF’ for short (the successor to the ‘Privacy Shield’). The DPF now serves as the basis for data transfers to certified organisations in the US, without the need for further transfer mechanisms or additional measures. Within the scope of this privacy policy, appropriate notices will be provided where an organisation is certified under the DPF. 


6. Hosting


This website is hosted by an external service provider. Personal data collected on this website is stored on the host’s servers, which may be located in the USA. This may include, in particular, IP addresses, contact enquiries, communication data, contractual data, contact details, website visits and other data generated via a website. 

Our hosting provider will only process your data to the extent necessary to fulfil its contractual obligations and will follow our instructions regarding this data. A data processing agreement in accordance with Article 28(3) sentence 1 of the GDPR has been concluded with the hosting provider.

The hosting provider is engaged for the purpose of fulfilling our contractual obligations towards our potential and existing customers in accordance with Article 6(1)(b) of the GDPR and in the interests of providing our online services securely, quickly and effectively in accordance with Article 6(1)(f) of the GDPR.

Host:

zweipunkt GmbH Our website is hosted by 
zweipunkt GmbH,
Am Vogelherd 92a,
98693 Ilmenau, Germany. 
 For information on zweipunkt GmbH’s privacy policy, please visit: https://zwei.gmbh/info/datenschutz/


7. Cookies


We use cookies on our website. These are small files that your browser creates automatically and which are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your device and do not contain viruses, Trojans or any other malware. The cookie stores information relating specifically to the device you are using.


The website uses strictly necessary cookies, which ensure the website functions smoothly and do not require consent. These cookies are used to make your experience of our website more pleasant. We use so-called session cookies. These generate a session ID that is assigned to the user and stored temporarily. This allows multiple windows of our website to be opened and assigned to the same user, meaning that login details or the contents of the shopping basket are retained. Session cookies are deleted when the browser is closed.


We may also use functional cookies. These cookies store the settings you selected during your last visit to our website, such as your language preference or internal bookmarks, so that you do not have to select them again. This helps to make future visits to our website more convenient.


In addition, so-called performance cookies may be used. These contain information about how our website is used. This enables us, for example, to determine how often and for how long our website is visited, and which subpages are accessed. This allows us to identify which sections of our website are of particular interest to users. Performance cookies enable us to analyse your browsing behaviour for the purpose of optimising our online offering. It is not possible to identify you as a user.


Third-party marketing cookies may be placed on your device. The purpose of this, in the context of online marketing, is to analyse user behaviour across multiple websites over an extended period of time in order to display personalised advertising.


You can configure your browser settings as you wish and choose not to accept cookies. Please note that you may then not be able to use all the features of this website.


Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies

Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647

Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac

Opera: https://help.opera.com/en/latest/web-preferences/#cookies


Cookies are used either on the basis of your consent in accordance with Article 6(1)(a) of the GDPR or in the context of our legitimate interests in ensuring the website functions properly in accordance with Article 6(1)(f) of the GDPR.


8. payment service provider


The processing of personal data by a payment service provider is carried out on the basis of Article 6(1)(b) of the GDPR for the purpose of contract performance and only to the extent necessary for that purpose, as well as within the scope of our legitimate interests pursuant to Article 6(1)(f) of the GDPR, in order to be able to offer you reliable and secure payment processes. Responsibility for ensuring that the data collected and processed by the payment service provider is handled in accordance with data protection regulations lies with the respective payment service provider. You may withdraw your consent to the processing of your data at any time by contacting the respective payment service provider. ²


PayPal When paying via a payment method provided by PayPal (direct debit, credit card, instalments or purchase on account), payment processing is handled by the payment service provider PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”).  If you choose a PayPal payment method, you will be redirected to the PayPal website. To use this service, PayPal collects, processes and stores transaction data, such as registration/contact details, identification/signature details, payment information, the amount paid, technical usage data and location data. PayPal reserves the right to carry out a credit check for the above-mentioned payment methods within the limits of what is legally permissible. To this end, your payment data may be passed on to credit reference agencies in accordance with Article 6(1)(f) of the GDPR, based on PayPal’s legitimate interest in determining your creditworthiness. For further information on data protection
please refer to PayPal’s privacy policy:

https://www.profihost.com/datenschutz/


9. Credit reports

No credit checks will be carried out.


10. Analytical services


The tracking measures listed below and used by us are carried out on the basis of your consent in accordance with Article 6(1)(a) of the GDPR. We use these tracking measures to ensure that our website is tailored to your needs and is continuously optimised. Furthermore, we use the tracking measures to statistically record the use of our website and to evaluate this data for the purpose of optimising our offering for you. Where necessary, a data processing agreement in accordance with Article 28(3)(1) of the GDPR has been concluded with the service provider in question.

You can prevent cookies from being stored by adjusting your browser settings accordingly. Please note, however, that in this case you may not be able to make full use of all the features of this website. Unless otherwise stated regarding the storage period, the data will be stored for a period of two years and then deleted. You can find general information on usage-based online advertising via the following link:

 https://www.youronlinechoices.com/de/.   


Google Analytics

We use Google Analytics 4, a web analytics service provided by Google LLC, on our website. The data controller is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). We use Google’s “Consent Mode” in its basic implementation. If you have not given your consent in accordance with Article 6(1)(a) of the GDPR, the loading of Google tags is blocked and no data is sent to Google (including the consent status).  If you have given your consent, Google tags are loaded for analysis and marketing purposes to enable us to track user behaviour on our website. This analysis tool uses artificial intelligence to algorithmically evaluate cookies, scripts and pixels, thereby measuring the respective usage behaviour. This may involve, amongst other things, the processing and storage of the following data: time spent on and pages visited on our website, the browser used, date and time of the page visit, language settings, as well as, for example, scrolling to the bottom of the page or clicks on external links. On behalf of the operator of this website, Google will use this information to evaluate the use of the websites, to compile reports on website activity and to provide other services relating to website and internet usage to the website operator. The stored data will be deleted after 14 months at the latest. Based on the location data derived from and transmitted via the IP address, all data from devices located in the EU is collected via domains and servers in the EU. In this process, data may also be forwarded in encrypted form to the Analytics processing servers in the USA. According to Google, IP addresses collected from users in the EU are deleted before they are recorded via EU domains and servers. IP anonymisation takes place automatically; according to Google, IP addresses are neither logged nor stored. Google is certified under the EU-US Data Privacy Framework. The legal framework for data transfers by Google and the European Commission’s Standard Contractual Clauses are available at:

  https://policies.google.com/privacy/frameworks

Further information on Google’s privacy policy and terms of use is available at:https://policies.google.com/privacy

You can also prevent the collection of data generated by the cookie and relating to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available via the following link:http://tools.google.com/dlpage/gaoptout?hl=de 

You can adjust your settings for personalised advertising by Google at any time:   https://www.google.com/settings/ads/onweb 


Google Ads Conversion 
Tracking Our website uses the ‘Google Ads’ advertising system provided by Google LLC. The company responsible for the European region is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (‘Google’). We use conversion tracking as part of Google Ads. In this process, Google Ads places a so-called “cookie” (see section 7 “Cookies”) on your computer if you have arrived at our website via a Google advert. The information generated by the cookies regarding the use of this website is transmitted directly to Google’s servers, possibly in the USA, and stored there. Google is certified under the EU-US Data Privacy Framework. These cookies expire after 30 days and are not used for personal identification. If you visit certain pages on our site and the cookie has not yet expired, Google and we can recognise that you clicked on the advert and were redirected to that page. Each Ads customer receives a different cookie. Cookies cannot therefore be tracked across the websites of Ads customers. The information collected using the conversion cookie is used to generate conversion statistics for Ads customers who have opted for conversion tracking. Ads customers are informed of the total number of users who clicked on their advert and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. You can also prevent the collection of data generated by the cookie and relating to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available via the following link: https://tools.google.com/dlpage/gaoptout?hl=de If you do not agree to the display of advertisements, you can deactivate them:

https://www.google.com/settings/ads/onweb 

Further information on Google’s privacy policy and terms of use is available at:https://policies.google.com/privacy

For further information on the legal framework governing data transfers, please visit:https://policies.google.com/privacy/frameworks?hl=de


11. Social Media Services


We use social media plugins on our website on the basis of our legitimate interests pursuant to Article 6(1)(f) of the GDPR in order to promote our website through these channels. When you visit a page on our website that contains a social media plugin, a connection is established with the selected network. In doing so, a so-called ‘cookie’ (see the ‘Cookies’ section in this privacy policy) is placed on your computer. The information generated by the cookies regarding the use of this website, such as your IP address, device and location data, is transmitted directly to the provider’s servers – possibly in the USA – and stored there. Through this integration, the provider receives the information that your browser has accessed the relevant page of our website, even if you do not have a customer profile or are not currently logged in with the respective provider. The provider may use the information received for the purposes of advertising, market research and tailoring its pages to user needs. If you are logged in with a provider, they can immediately link your visit to our website to your user account. If you interact with the plugins, for example by clicking a button, this information is also transmitted directly to a server of the respective provider and stored there. The information is also published on your user account and displayed there to your contacts. The respective provider may use this information for the purposes of advertising, market research and tailoring its pages to user needs.  If you do not wish the provider to directly associate the data collected via our website with your user account, you must log out of the respective provider’s service before visiting our website. Please note that, as the operator of the website, we have no knowledge of the content of the data transmitted or its use by the respective provider. You may object to the processing by the provider at any time.


Soziale Netzwerke:

Facebook

We use social media plugins from the social network Facebook, which is operated by Meta Platforms Inc., 1 Meta Way, Menlo Park, CA 94025, USA (“Facebook”), or – if you are based in the EU – Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Meta retains information for as long as it is needed to provide products, comply with legal obligations or protect its own interests or the interests of others. Meta stores event data for a maximum of two years. Meta is certified under the EU-US Data Privacy Framework. Further information on Facebook’s privacy policy is available at:

https://www.facebook.com/about/privacy/

Instagram

We use social media plugins from the social network Instagram. The Instagram services are a product of Meta Platforms Inc., 1 Meta Road, Menlo Park, CA 94025, USA. If you are based in the EU, the data controller is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Meta retains information for as long as it is needed to provide products, comply with legal obligations, or protect its own interests or the interests of others. Meta stores event data for a maximum of two years. Meta is certified under the EU-U.S. Data Privacy Framework. Further information on Instagram’s privacy policy is available at:

https://help.instagram.com/155833707900388

Pinterest

We use social media plugins from the social network Pinterest. The Pinterest services are provided by Pinterest Inc., 651 Brannan St., San Francisco, CA 94107, USA. If you are based in the EU, Pinterest Inc. and Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland, are jointly responsible for the processing of personal data. Pinterest stores data for as long as is necessary to fulfil the purposes described in the privacy policy. Further information on Pinterest’s privacy policy is available at:

https://pinterest.com/about/privacy/



12. Other online services

On our website, we use online services and advertising tools provided by the companies listed below, either on the basis of your consent in accordance with Article 6(1)(a) of the GDPR or within the scope of our legitimate interest in optimising the marketing of our services in accordance with Article 6(1)(f) of the GDPR. Where necessary, a data processing agreement in accordance with Article 28(3)(1) of the GDPR has been concluded with the service provider in question. You can prevent the storage of cookies by adjusting your browser settings accordingly; however, we would like to point out that, in this case, not all functions of this website may be fully usable.

YouTube

We embed online content (usually videos) from the “YouTube” platform. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If you are based in the EU, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) is the data controller. The operator of the site is YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. We have activated YouTube’s ‘enhanced privacy mode’ function, so that the setting of YouTube cookies is blocked. When you visit one of our pages on which a YouTube video is embedded, no connection is yet established with YouTube’s servers. Data is only transferred to Google once you have given your prior consent in accordance with Article 6(1)(a) of the GDPR. In doing so, a connection may also be established to the Google network “DoubleClick”, an advertising tool provided by Google.  Data (including your IP address) is transferred directly to Google’s servers, possibly in the USA, and stored there. Google may store so-called cookies (see Section 7 ‘Cookies’) on your device to analyse your user behaviour and may associate this data with your user account if you are logged in to a Google service. Even if you do not have a customer profile or are not currently logged in, Google may process the data received. If you do not wish Google or YouTube to associate the data collected via our site with your user account, you must log out of Google services before visiting our pages.  Google or YouTube may use this information, amongst other things, for the purpose of compiling video statistics and improving user-friendliness. Please note that we have no knowledge of the content of the data transmitted or its use by Google or YouTube. You may object to the processing by the provider at any time. You can change your privacy settings on YouTube at any time via your Google account. For assistance, please visit:

https://support.google.com/youtube/answer/9315727?hl=de

Google LLC is certified under the EU-US Data Privacy Framework. Google stores collected data for varying periods of time, depending on the type of data, how Google uses it, and how users’ settings are configured. Advertising data is anonymised in server logs by Google deleting part of the IP address after 9 months and cookie information after 18 months. Further information about Google’s data protection practices is available at:

https://policies.google.com/privacy

https://policies.google.com/technologies/retention?hl=de



Assessment tool

You have the option to leave a review of our service and the products purchased from us. This allows you to rate the transaction and, if necessary, add a comment once the contract has been concluded. We work with a third-party provider for this purpose. This may involve the transfer of personal data, such as your name, email address, invoice number and the review itself. Your IP address may also be shared. The use of a review system is intended to optimise our service and build customer trust. To inform you of this option, we or the provider may contact you – subject to your prior consent – during the checkout process in the interest of obtaining a genuine review. Data received by the provider on our behalf following a review invitation will be automatically deleted after 90 days at the latest.


provider:

Geprüfter Webshop

We use the evaluation tool provided by Tisko Consulting GmbH, Hertzstr. 15, 53881 Euskirchen, Germany. Further information on data protection at Tisko Consulting GmbH is available at:

https://www.gepruefter-webshop.de/datenschutz/ 


quality mark Geprüfter Webshop

The “Certified Online Shop” seal is displayed on our website. The seal and the services it promotes are provided by Tisko Consulting GmbH, Hertzstr. 15, 53881 Euskirchen. When you access the seal, the web server automatically saves a so-called server log file containing, for example, your IP address, the date and time of access, the amount of data transferred and the requesting provider (access data), and documents the access. This access data is not analysed and is automatically deleted no later than 30 days after the end of your visit to the site.  Further information on data protection at Tisko Consulting GmbH is available at:

https://www.gepruefter-webshop.de/datenschutz/


13. Rights of data subjects

You have the right: - under Article 15 of the GDPR to request information about your personal data processed by us. In particular, you may request information regarding the purposes of processing, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the intended period of storage, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data where it has not been collected by us, as well as information on the existence of automated decision-making, including profiling, and, where applicable, meaningful information regarding its details; - to request, in accordance with Article 16 of the GDPR, the immediate rectification of inaccurate personal data or the completion of your personal data stored by us; - to request, in accordance with Article 17 of the GDPR, the erasure of your personal data stored by us, unless processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal claims; - to request the restriction of the processing of your personal data in accordance with Article 18 of the GDPR, provided that you contest the accuracy of the data, the processing is unlawful but you oppose its erasure and we no longer require the data, but you require it for the establishment, exercise or defence of legal claims, or you have objected to the processing pursuant to Article 21 of the GDPR; - pursuant to Article 20 of the GDPR, to receive the personal data you have provided to us in a structured, commonly used and machine-readable format, or to request its transmission to another controller; - in accordance with Article 7(3) of the GDPR, to withdraw your consent at any time. This means that we may no longer continue processing data based on this consent in the future; and - pursuant to Article 77 of the GDPR, to lodge a complaint with a supervisory authority if you consider that the processing of your personal data has been unlawful. As a rule, you may contact the supervisory authority for your usual place of residence or workplace, or for our registered office.


14. Right to object


IF YOUR PERSONAL DATA IS PROCESSED ON THE BASIS OF OUR LEGITIMATE INTERESTS IN ACCORDANCE WITH ARTICLE 6(1)(f) OF THE GDPR, YOU HAVE THE RIGHT, IN ACCORDANCE WITH ARTICLE 21(1) GDPR TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA, PROVIDED THAT THERE ARE GROUNDS FOR THIS ARISING FROM YOUR PARTICULAR SITUATION. CONSEQUENTLY, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA, UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING IS NECESSARY FOR THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS. YOU MAY ALSO OBJECT, IN ACCORDANCE WITH ART. 21(2) GDPR, TO THE PROCESSING BY US OF PERSONAL DATA WHICH IS PROCESSED FOR DIRECT MARKETING PURPOSES IN ACCORDANCE WITH ART. 6(1)(f) F GDPR for the purposes of direct marketing, with the result that we will no longer process your personal data for the purposes of direct marketing.  IF YOU WISH TO EXERCISE YOUR RIGHT TO WITHDRAW OR OBJECT, A SIMPLE EMAIL TO THE EMAIL ADDRESS LISTED IN THE LEGAL NOTICE IS SUFFICIENT.


15. Data security

During your visit to our website, we use the widely adopted SSL (Secure Sockets Layer) protocol in conjunction with the highest level of encryption supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. You can tell whether a particular page on our website is being transmitted securely by the closed key or padlock symbol in the status bar at the bottom of your browser. We also employ appropriate technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

.


16. Validity and amendments to this privacy policy

This privacy policy is currently in force. Due to the ongoing development of our website and the services offered through it, or as a result of changes to legal or regulatory requirements, it may become necessary to amend this privacy policy. You can view and print the current version of the privacy policy at any time on this website. This privacy policy was drawn up by the contract lawyers of TISKO Consulting GmbH (www.Gepruefter-Webshop.de) and is protected by copyright. Any use other than that specified in the contractual agreement, or the copying and unauthorised use of the texts, is not permitted and constitutes a copyright infringement which will be prosecuted.


Facebook Privacy Policy


Below, the Seller provides the Customer with information regarding the processing of their personal data by the Seller. Personal data within the meaning of Article 4 of the GDPR refers to any information relating to an identified or identifiable natural person (such as name, address, telephone number, email address, invoices, bank details, etc., as well as your user behaviour).


Contact details

This privacy notice applies to data processing carried out by the following data controller: 
Data controller: Gert Balzer Address: Auf der Hardt 20, 79100 Freiburg Email: info@daskreativeklassenzimmer.de
Telephone: 07667-942470 Fax: -



Lawfulness of the processing of personal data

Article 6 of the General Data Protection Regulation (GDPR) sets out the conditions under which the processing of personal data is lawful. Accordingly, the processing of personal data is lawful if one or more of the following conditions are met: - The customer has given their explicit consent to the processing in accordance with Article 6(1)(a) of the GDPR, - the processing is necessary, pursuant to Article 6(1)(b) of the GDPR, for the implementation of pre-contractual measures taken at the customer’s request or for the performance of a contract with the customer, such as the disclosure of address details to the transport company. Data may also be disclosed to a dropshipper, who then dispatches the goods to the customer on behalf of the seller. If the customer orders goods to be sent to an address other than their own, this is based on the seller’s legitimate interests under Article 6(1)(f) of the GDPR in the proper performance of the contractual relationship, - the seller has a legal obligation to process the data pursuant to Article 6(1)(c) of the GDPR, - the processing is necessary to protect the vital interests of the customer or of another natural person, Article 6(1)(d) of the GDPR, - the processing is necessary, pursuant to Article 6(1)(e) of the GDPR, for the performance of a task carried out in the public interest or in the exercise of official authority vested in the seller, - the processing is necessary, pursuant to Article 6(1)(f) of the GDPR, for the purposes of the legitimate interests pursued by the seller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the customer which require protection of personal data. 
 Collection and storage of personal data, as well as the nature and purpose of their use

a) When contacting us

You have the option of contacting us. The processing and storage of the data you provide, such as your name, email address and details relating to your enquiry, are carried out on the basis of Article 6(1)(b) of the GDPR for the purpose of taking pre-contractual measures, and on the basis of our legitimate interest in processing your enquiry addressed to us in accordance with Article 6(1)(f) of the GDPR.


b) For the performance of the contract

If your contact with us via the Facebook platform leads to the conclusion of a contract, we will process and store your personal data, such as order details, personal details and address details, in accordance with Article 6(1)(b) of the GDPR for the purpose of fulfilling the contract and only to the extent necessary for this purpose. In all other cases, your data will be processed and stored on the basis of your consent pursuant to Article 6(1)(a) of the GDPR, as well as on the basis of our legitimate interests in processing your order pursuant to Article 6(1)(f) of the GDPR. With regard to the lawfulness of data processing and the transfer of data to third parties, please refer to point 2 of this privacy policy.


c) Data collection 

Usage data from Facebook may be collected for statistical analysis. This is done on the basis of Article 6(1)(a) of the GDPR, subject to your prior consent, and/or in accordance with Article 6(1)(f) of the GDPR, based on Facebook’s legitimate interests in providing and improving its products and services.


Usage data

Facebook collects information and usage data from its users. This includes, for example, information about the types of content they view or interact with, or the actions they take, as well as information about the devices they use (e.g. IP addresses, operating system, browser type, language settings, cookie data). The information Facebook actually collects depends on whether and how people use Facebook products. Facebook uses the data collected, amongst other things, to provide and improve its products and services, and to personalise products and content. Facebook may pass on the data collected to third parties, possibly including Meta Platforms Inc., based in the USA. We have no influence over the data collected, processed and stored by Facebook, or to whom Facebook passes on the data. Where Facebook Ltd. provides us with analyses in anonymised form, it acts as a data processor under a data processing agreement; data processing in the USA takes place using standard data protection clauses. Information on the Facebook EU Data Transfer Addendum (which covers cases where Facebook, as a data processor, processes data from the EU, among other sources) is available at:

https://www.facebook.com/legal/EU_data_transfer_addendum

The data processing terms and conditions relating to data processing on behalf of Meta Platforms Ltd. are available at:

https://www.facebook.com/legal/terms/dataprocessing/


Facebook-Insights

Facebook also collects and uses information in order to provide statistics, known as Page Insights, to page administrators. This enables us to obtain anonymised information about our visitors’ behaviour. For example, we can see which of our posts have been viewed particularly frequently, how many subscribers we have gained, or how many people have interacted with our posts (content interactions). As part of reach measurement, we can see how many Facebook accounts have viewed a post. The use and storage of the collected data takes place in accordance with Article 6(1)(f) of the GDPR within the scope of our legitimate interests in communicating with our page visitors and increasing the effectiveness of our advertisements. There is an agreement between us and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, regarding joint controllership in accordance with Article 26 of the GDPR for the processing of Insights data:

https://www.facebook.com/legal/terms/page_controller_addendum

Further information on Facebook Page Insights is available at:

https://www.facebook.com/legal/terms/information_about_page_insights_data 


Cookies

When you visit our pages, Facebook Ltd. uses cookies and other storage technologies to collect usage data and page insights. Cookies are small text files that store information in your web browser. This enables Facebook to offer Facebook products to the user and to understand the information Facebook receives about the user, including information about the use of other websites and apps, regardless of whether the user is registered or logged in. You can find information about Facebook’s cookies and other storage technologies at: https://de-de.facebook.com/policies/cookies/


Retention period and data erasure

As a general rule, we only store personal data until the purpose for which the customer has entrusted the data to us has been fulfilled. After that, the data is permanently deleted. However, if there are statutory retention periods for the storage of personal data, we will store it for as long as we are legally obliged to do so. Such obligations regularly arise from legal duties of proof and retention, which are regulated, amongst other things, in the German Commercial Code and the German Fiscal Code; for tax purposes, for example, this is ten years. Once the statutory retention periods have expired, the data is permanently deleted.  Consent given to the processing and storage of personal data pursuant to Article 6(1)(a) of the GDPR may be withdrawn at any time, with the result that the data – provided that no statutory retention periods preclude this – will be permanently deleted. Further rights, through which we may be prohibited from processing the customer’s personal data, arise from Article 21(1) and (2) of the GDPR. Information on the resulting right to object can be found in this privacy policy under section 6, “Right to object”.


Rights of data subjects

The customer has the right to:


- to request information, in accordance with Article 15 of the GDPR, regarding their personal data processed by the seller. In particular, they may request information regarding the purposes of processing, the categories of personal data, the categories of recipients to whom their data has been or will be disclosed, the intended period of storage, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of their data, provided that it was not collected by the seller, as well as the existence of automated decision-making, including profiling, and, where applicable, meaningful information regarding its details;

- to request, in accordance with Article 16 of the GDPR, the immediate rectification of inaccurate personal data or the completion of personal data held by us;

- to request, in accordance with Article 17 of the GDPR, the erasure of their personal data held by the seller, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal claims;

- to request, in accordance with Article 18 of the GDPR, the restriction of the processing of their personal data, provided that they contest the accuracy of the data, the processing is unlawful but they object to its erasure, and the seller no longer requires the data, but the customer needs it for the establishment, exercise or defence of legal claims, or has objected to the processing in accordance with Article 21 of the GDPR;

- in accordance with Article 20 of the GDPR, to receive the personal data they have provided to the seller in a structured, commonly used and machine-readable format, or to request that it be transferred to another controller;

- to withdraw their consent, once given, at any time by notifying the seller, in accordance with Article 7(3) of the GDPR. As a result, the seller may no longer continue to process data on the basis of that consent in the future, and

- to lodge a complaint with a supervisory authority in accordance with Article 77 of the GDPR if they consider that their personal data has been processed unlawfully. As a rule, they may contact the supervisory authority for their usual place of residence or workplace, or for the seller’s registered office.



RIGHT TO OBJECT

IF THE CUSTOMER’S PERSONAL DATA IS PROCESSED ON THE BASIS OF THE SELLER’S LEGITIMATE INTERESTS IN ACCORDANCE WITH ARTICLE 6(1)(f) OF THE GDPR, THE CUSTOMER HAS THE RIGHT, IN ACCORDANCE WITH ARTICLE 21(1) GDPR TO OBJECT TO THE PROCESSING OF THEIR PERSONAL DATA, PROVIDED THAT THERE ARE GROUNDS FOR DOING SO ARISING FROM THEIR PARTICULAR SITUATION. CONSEQUENTLY, THE SELLER WILL NO LONGER PROCESS THEIR PERSONAL DATA, UNLESS THEY CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE THE INTERESTS, RIGHTS AND FREEDOMS OF THE CUSTOMER, OR THE PROCESSING IS NECESSARY FOR THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS. THE CUSTOMER MAY ALSO OBJECT, IN ACCORDANCE WITH ART. 21(2) GDPR, TO THE PROCESSING BY THE SELLER OF PERSONAL DATA WHICH IS PROCESSED FOR THE PURPOSES OF DIRECT MARKETING IN ACCORDANCE WITH ART. 6(1)(f) of the GDPR for the purposes of direct marketing, with the result that the Seller may no longer process the Customer’s personal data for the purposes of direct marketing. IF THE CUSTOMER WISHES TO EXERCISE THEIR RIGHT OF WITHDRAWAL OR OBJECTION, AN EMAIL TO THE EMAIL ADDRESS STATED IN THE LEGAL NOTICE IS SUFFICIENT.


This privacy policy has been drawn up by the legal advisors of TISKO Consulting GmbH (https://www.Gepruefter-Webshop.de) and is protected by copyright. Any use other than that specified in the contractual agreement, or the copying and unauthorised use of the text, is not permitted and constitutes a copyright infringement, which will be prosecuted.


Note regarding Facebook’s Privacy Policy For information on Facebook’s privacy policy, please visit: https://de-de.facebook.com/policy.php


Instagram Privacy Policy


Below, the Seller provides the Customer with information regarding the processing of their personal data by the Seller. Personal data within the meaning of Article 4 of the GDPR refers to any information relating to an identified or identifiable natural person (such as name, address, telephone number, email address, invoices, bank details, etc., as well as your user behaviour).


Contact details

Diese Datenschutz-Information gilt für die Datenverarbeitung durch folgenden Verantwortlichen:

Verantwortlicher: Gert Balzer

Adress: Auf der Hardt 20, 79100 Freiburg 

Email: info@daskreativeklassenzimmer.de 

Telefon: 07667-942470 

Fax: - 



Lawfulness of the processing of personal data

Article 6 of the General Data Protection Regulation (GDPR) sets out the conditions under which the processing of personal data is lawful. Accordingly, the processing of personal data is lawful if one or more of the following conditions are met:


- The customer has given their explicit consent to the processing in accordance with Article 6(1)(a) of the GDPR,

- Processing is carried out in accordance with Article 6(1)(b) of the GDPR for the purpose of taking pre-contractual measures at the customer’s request or as necessary for the performance of a contract with the customer, such as the disclosure of address details to the transport company. Data may also be disclosed to a dropshipper, who then dispatches the goods to the customer on behalf of the seller. If the customer orders goods to be sent to an address other than their own, this is done on the basis of the seller’s legitimate interests pursuant to Article 6(1)(f) of the GDPR in the proper performance of the contractual relationship,

- Under Article 6(1)(c) of the GDPR, the seller is under a legal obligation to process the data,

- the processing is necessary to protect the vital interests of the customer or of another natural person, Article 6(1)(d) of the GDPR,

- the processing is necessary, in accordance with Article 6(1)(e) of the GDPR, for the performance of a task carried out in the public interest or in the exercise of official authority vested in the seller,

- The processing is necessary pursuant to Article 6(1)(f) of the GDPR to safeguard the legitimate interests of the seller or a third party, unless the interests or fundamental rights and freedoms of the customer, which require the protection of personal data, take precedence.


Collection and storage of personal data, and the nature and purpose of its use


a) When contacting us

You have the option of contacting us. The processing and storage of the data you provide, such as your name, email address and details relating to your enquiry, are carried out on the basis of Article 6(1)(b) of the GDPR for the purpose of taking pre-contractual measures, and on the basis of our legitimate interest in processing your enquiry addressed to us in accordance with Article 6(1)(f) of the GDPR.


b) For the performance of the contract

If your contact with us via the Instagram platform leads to the conclusion of a contract, we will process and store your personal data, such as order details, personal details and address details, in accordance with Article 6(1)(b) of the GDPR for the purpose of fulfilling the contract and only to the extent necessary for this purpose. In all other cases, your data will be processed and stored on the basis of your consent pursuant to Article 6(1)(a) of the GDPR, as well as on the basis of our legitimate interests in processing your order pursuant to Article 6(1)(f) of the GDPR. With regard to the lawfulness of data processing and the transfer of data to third parties, please refer to point 2 of this privacy policy.


c) Data collection

Usage data from Facebook may be collected for statistical analysis. This is done on the basis of Article 6(1)(a) of the GDPR, subject to your prior consent, and/or in accordance with Article 6(1)(f) of the GDPR, based on Facebook’s legitimate interests in providing and improving its products and services.


Nutzungsdaten

Facebook erfasst Informationen und Nutzungsdaten seiner Nutzer. Dies umfasst z.B. auch Informationen über die Arten von Inhalten, die sie sich ansehen oder mit denen sie interagieren oder die von ihnen vorgenommenen Handlungen sowie Informationen über die von ihnen genutzten Geräte (z. B. IP-Adressen, Betriebssystem, Browsertyp, Spracheinstellungen, Cookie-Daten). Welche Informationen Facebook tatsächlich erfasst, hängt davon ab, ob und wie Personen die Facebook-Produkte nutzen. Facebook nutzt die erhobenen Daten u.a. zur Bereitstellung und Verbesserung ihrer Produkte und Dienste sowie zur Personalisierung von Produkten und Inhalten. Facebook kann die erhobenen Daten an Dritte, möglicherweise auch an die Meta Plattforms Inc. mit Sitz in den USA, weiterleiten. Wir haben keinen Einfluss auf die von Facebook erhobenen, verarbeiteten und gespeicherten Daten oder an wen Facebook die Daten weitergibt. 

Sofern Facebook Ltd. uns Analysen in anonymisierter Form zur Verfügung stellt, fungiert sie als Auftragsverarbeiter im Rahmen eines Auftragsverarbeitungsvertrags, eine Datenverarbeitung in den USA erfolgt unter Verwendung von Standarddatenschutzklauseln.

Informationen zum Facebook EU-Datenübermittlungszusatz (hierin werden die Fälle einbezogen, in denen Facebook als Auftragsverarbeiter Daten unter anderem aus der EU verarbeitet) erhalten Sie unter:

https://www.facebook.com/legal/EU_data_transfer_addendum

Die Datenverarbeitungsbedingungen im Rahmen einer Auftragsverarbeitung von Meta Plattforms Ltd. sind abrufbar unter:

https://www.facebook.com/legal/terms/dataprocessing/


Facebook-Insights

Facebook erhebt und verwendet Informationen auch aus dem Grund, um Statistiken, sog. Seiten-Insights, für Seitenbetreiber bereitzustellen. Wir haben damit die Möglichkeit, anonymisierte Informationen über das Nutzerverhalten unserer Besucher zu erfahren. So sehen wir z.B., welche unserer Inhalte besonders häufig angesehen worden sind, wieviel Abonnenten wir dazugewonnen haben oder wie viele Personen mit unseren Posts etc. interagiert haben (Content Interaktionen). Im Rahmen der Reichweitenmessung können wir sehen, wie viele Facebook Konten einen Beitrag gesehen haben. Die Verwendung und Speicherung der erhobenen Daten erfolgt gem. Art. 6 Abs. 1 S. 1 lit. f DSGVO im Rahmen unserer berechtigten Interessen an einer Kommunikation mit unseren Seitenbesuchern und einer Steigerung der Effektivität unserer Werbeanzeigen.

Zwischen uns und der Meta Plattforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland besteht eine Vereinbarung über die gemeinsame Verantwortlichkeit gem. Art. 26 DSGVO für die Verarbeitung der Insights-Daten: https://www.facebook.com/legal/terms/page_controller_addendum

Nähere Informationen zu den Facebook Seiten-Insights sind abrufbar unter:

https://www.facebook.com/legal/terms/information_about_page_insights_data 


Cookies

Bei Besuch unserer Seiten werden zur Erhebung von Nutzungsdaten sowie Seiten-Insights durch die Facebook Ltd. Cookies und andere Speichertechnologien eingesetzt 

Cookies sind kleine Textdateien, die Informationen im Webbrowser speichern. Hierdurch ist es Facebook möglich, dem Nutzer Facebook-Produkte anzubieten und die Informationen zu verstehen, die Facebook über den Nutzer erhält, einschließlich Informationen über die Nutzung anderer Websites und Apps, und zwar unabhängig davon, ob der Nutzer registriert bzw. angemeldet ist oder nicht.

Informationen zu den Cookies und anderen Speichertechnologien von Facebook erhalten Sie unter: https://de-de.facebook.com/policies/cookies/


Speicherdauer und Datenlöschung

Personenbezogene Daten speichern wir grundsätzlich nur so lange, bis der Zweck, zu dem der Kunde uns die Daten anvertraut hat, erfüllt ist. Danach werden die Daten dauerhaft gelöscht. Bestehen für die Speicherung der personenbezogenen Daten jedoch gesetzliche Aufbewahrungsfristen, so speichern wir diese so lange, wie wir gesetzlich dazu verpflichtet sind. Solche Verpflichtungen ergeben sich regelmäßig durch rechtliche Nachweis- und Aufbewahrungspflichten, die u.a. im Handelsgesetzbuch und der Abgabenordnung geregelt sind, zu Steuerzwecken z.B. zehn Jahre. Nach Ablauf der gesetzlichen Aufbewahrungsfristen werden die Daten dauerhaft gelöscht. 

Eine erteilte Einwilligung in die Verarbeitung und Speicherung der personenbezogenen Daten gem. Art. 6 Abs. 1 S. 1 lit. a DSGVO kann jederzeit widerrufen werden mit der Folge, dass die Daten – sofern keine gesetzlichen Aufbewahrungsfristen entgegenstehen – dauerhaft gelöscht werden.

Weitergehende Rechte, durch die uns eine Verarbeitung der personenbezogenen Daten des Kunden untersagt werden kann, ergeben sich aus Art. 21 Abs. 1 und Abs. 2 DSGVO. Informationen zu dem sich hieraus ergebenden Widerspruchsrecht sind in dieser Datenschutzerklärung unter dem Punkt 6 “Widerspruchsrecht“ zu finden.


Betroffenenrechte

Der Kunde hat das Recht:


- gemäß Art. 15 DSGVO Auskunft über seine vom Verkäufer verarbeiteten personenbezogenen Daten zu verlangen. Insbesondere kann er Auskunft über die Verarbeitungszwecke, die Kategorie der personenbezogenen Daten, die Kategorien von Empfängern, gegenüber denen Ihre Daten offengelegt wurden oder werden, die geplante Speicherdauer, das Bestehen eines Rechts auf Berichtigung, Löschung, Einschränkung der Verarbeitung oder Widerspruch, das Bestehen eines Beschwerderechts, die Herkunft seiner Daten, sofern diese nicht beim Verkäufer erhoben wurden, sowie über das Bestehen einer automatisierten Entscheidungsfindung einschließlich Profiling und ggf. aussagekräftigen Informationen zu deren Einzelheiten verlangen;

- gemäß Art. 16 DSGVO unverzüglich die Berichtigung unrichtiger oder Vervollständigung seiner bei uns gespeicherten personenbezogenen Daten zu verlangen;

- gemäß Art. 17 DSGVO die Löschung seiner beim Verkäufer gespeicherten personenbezogenen Daten zu verlangen, soweit nicht die Verarbeitung zur Ausübung des Rechts auf freie Meinungsäußerung und Information, zur Erfüllung einer rechtlichen Verpflichtung, aus Gründen des öffentlichen Interesses oder zur Geltendmachung, Ausübung oder Verteidigung von Rechtsansprüchen erforderlich ist;

- gemäß Art. 18 DSGVO die Einschränkung der Verarbeitung seiner personenbezogenen Daten zu verlangen, soweit die Richtigkeit der Daten von ihm bestritten wird, die Verarbeitung unrechtmäßig ist, er aber deren Löschung ablehnt und der Verkäufer die Daten nicht mehr benötigt, der Kunde diese jedoch zur Geltendmachung, Ausübung oder Verteidigung von Rechtsansprüchen benötigt oder gemäß Art. 21 DSGVO Widerspruch gegen die Verarbeitung eingelegt hat;

- gemäß Art. 20 DSGVO seine personenbezogenen Daten, die er dem Verkäufer bereitgestellt hat, in einem strukturierten, gängigen und maschinenlesebaren Format zu erhalten oder die Übermittlung an einen anderen Verantwortlichen zu verlangen;

- gemäß Art. 7 Abs. 3 DSGVO seine einmal erteilte Einwilligung jederzeit gegenüber dem Verkäufer zu widerrufen. Dies hat zur Folge, dass der Verkäufer die Datenverarbeitung, die auf dieser Einwilligung beruhte, für die Zukunft nicht mehr fortführen darf und

- gemäß Art. 77 DSGVO sich bei einer Aufsichtsbehörde zu beschweren, wenn er der Ansicht ist, dass die Verarbeitung seiner personenbezogenen Daten rechtswidrig erfolgt ist. In der Regel kann er sich hierfür an die Aufsichtsbehörde seines üblichen Aufenthaltsortes oder Arbeitsplatzes oder am Sitz des Verkäufers wenden.



WIDERSPRUCHSRECHT

SOFERN PERSONENBEZOGENE DATEN DES KUNDEN AUF GRUNDLAGE BERECHTIGTER INTERESSEN DES VERKÄUFERS GEMÄSS ART. 6 ABS. 1 S. 1 LIT. F DSGVO VERARBEITET WERDEN, HAT ER DAS RECHT, GEMÄSS ART. 21 ABS. 1 DSGVO WIDERSPRUCH GEGEN DIE VERARBEITUNG SEINER PERSONENBEZOGENEN DATEN EINZULEGEN, SOWEIT DAFÜR GRÜNDE VORLIEGEN, DIE SICH AUS SEINER BESONDEREN SITUATION ERGEBEN. IN DER FOLGE VERARBEITET DER VERKÄUFER SEINE PERSONENBEZOGENEN DATEN NICHT MEHR, ES SEI DENN, ER KANN ZWINGENDE SCHUTZWÜRDIGE GRÜNDE FÜR DIE VERARBEITUNG NACHWEISEN, DIE DIE INTERESSEN, RECHTE UND FREIHEITEN DES KUNDEN ÜBERWIEGEN ODER DIE VERARBEITUNG DIENT DER GELTENDMACHUNG, AUSÜBUNG ODER VERTEIDIGUNG VON RECHTSANSPRÜCHEN.

DER KUNDE KANN EBENSO WIDERSPRUCH GEM. ART. 21 ABS. 2 DSGVO GEGEN DIE VERARBEITUNG VON PERSONENBEZOGENEN DATEN DURCH DEN VERKÄUFER EINLEGEN, DIE GEMÄSS ART. 6 ABS. 1 S. 1 LIT. F DSGVO ZUM ZWECKE DER DIREKTWERBUNG VERARBEITET WERDEN MIT DER FOLGE, DASS DER VERKÄUFER PERSONENBEZOGENE DATEN DES KUNDEN NICHT MEHR ZUM ZWECKE DER DIREKTWERBUNG VERARBEITEN DARF.

MÖCHTE DER KUNDE VON SEINEM WIDERRUFS- ODER WIDERSPRUCHSRECHT GEBRAUCH MACHEN, GENÜGT EINE E-MAIL AN DIE IM IMPRESSUM GENANNTE E-MAIL-ADRESSE.


Diese Datenschutzerklärung wurde von den Vertragsanwälten der TISKO Consulting GmbH ( https://www.Gepruefter-Webshop.de ) erstellt und unterliegt dem urheberrechtlichen Schutz. Eine weitere Verwendung, als der vertraglichen Vereinbarung oder das Kopieren und unberechtigte Nutzen der Texte wird nicht gestattet und stellt eine Urheberrechtsverletzung dar, die rechtlich geahndet wird.


Hinweis zur Facebook und Instagram Datenschutzbestimmung

Informationen zum Datenschutz von Facebook erhalten Sie unter: https://help.instagram.com/519522125107875

Die Datenrichtlinie von Instagram ist abrufbar unter: 

https://de-de.facebook.com/help/instagram/519522125107875 



This website uses cookies to ensure the best experience possible. More information...