Noch €100,00 until free shipping

Privacy policy

Privacy Policy

The data controller is:

Leopold’s - FINEST FOR DOGS GmbH

57 Türkenstraße

80799 Munich

 

Email: kontakt@leopolds-finest.de

We appreciate your interest in our online store. Protecting your privacy is very important to us. Below, we provide detailed information about how we handle your data.

1. Access Data and Hosting

You can visit our websites without providing any personal information. Each time a webpage is accessed, the web server automatically stores a so-called server log file containing, for example, the name of the requested file, your IP address, the date and time of access, the amount of data transferred, and the requesting provider (access data), thereby documenting the access. This access data is evaluated exclusively for the purpose of ensuring the smooth operation of the site and improving our offering. This serves to safeguard our overriding legitimate interests in the correct presentation of our offering pursuant to Art. 6(1)(f) GDPR, as determined by a balancing of interests. All access data is deleted no later than seven days after the end of your visit to the site.

Hosting

The services for hosting and displaying the website are partially provided by our service providers as part of processing on our behalf. Unless otherwise specified in this Privacy Policy, all access data as well as all data collected in the forms provided for this purpose on this website are processed on their servers. If you have any questions about our service providers and the basis of our cooperation with them, please contact us using the contact information provided in this Privacy Policy.

Our service providers are located in and/or use servers in the following countries for which the European Commission has determined, by decision, an adequate level of data protection: Canada

Our service providers are located in and/or use servers in the following countries for which the European Commission has determined, by decision, an adequate level of data protection: Canada, New Zealand, Japan, United Kingdom, USA.

There is a decision by the European Commission on an adequate level of data protection for the USA as the basis for a transfer to a third country, provided that the respective service provider is certified. Until certification by our service providers, data transfers continue to be based on this foundation: the European Commission’s Standard Data Protection Clauses.

Our service providers are located in and/or use servers in the following countries: Australia, India, Singapore.

There is no adequacy decision by the European Commission for these countries. Our cooperation with you is based on these safeguards: European Commission Standard Data Protection Clauses

2. Data Processing for Contract Execution and Contact Establishment

2.1 Data Processing for Contract Execution

For the purpose of contract fulfillment (including inquiries regarding and the handling of any existing warranty claims and claims for breach of contract, as well as any statutory update obligations) pursuant to Art. 6(1)(b) GDPR, we collect personal data when you voluntarily provide it to us as part of your order. Mandatory fields are marked as such, as we require this data for contract fulfillment and cannot ship the order without it. The data collected is indicated in the respective input forms.

Further information regarding the processing of your data, particularly regarding its transfer to our service providers for the purposes of order, payment, and shipping processing, can be found in the following sections of this Privacy Policy. After the contract has been fully processed, your data will be restricted for further processing and deleted after the expiration of the retention periods under tax and commercial law in accordance with Art. 6(1)(c) GDPR, unless you have expressly consented to further use of your data in accordance with Art. 6(1)(a) GDPR or we reserve the right to use your data beyond this scope, which is permitted by law and about which we inform you in this policy.

Merchandise Management System

We use merchandise management systems provided by external service providers for order and contract processing. Our service providers act on our behalf within the scope of data processing. If you have any questions regarding our service providers and the basis of our cooperation with them, please contact us using the contact information provided in this Privacy Policy.

2.2 Customer Account

To the extent that you have given your consent pursuant to Art. 6(1)(a) GDPR by deciding to open a customer account, we use your data for the purpose of opening the customer account and for storing your data for future orders on our website. You may delete your customer account at any time by either sending a message to the contact details provided in this Privacy Policy or using the function provided for this purpose within your customer account. After your customer account is deleted, your data will be deleted unless you have expressly consented to further use of your data pursuant to Art. 6(1)(a) GDPR or we reserve the right to use your data beyond this scope, which is permitted by law and about which we inform you in this policy.

2.3 Contacting Us

As part of our customer communications, we collect personal data to process your inquiries in accordance with Article 6(1)(b) of the GDPR if you voluntarily provide this data to us when contacting us (e.g., via the contact form or email). Mandatory fields are marked as such, as we require this data to process your contact request. The data collected is indicated in the respective input forms. Once your inquiry has been fully processed, your data will be deleted unless you have expressly consented to further use of your data in accordance with Art. 6(1)(a) GDPR or we reserve the right to use your data for other purposes that are permitted by law and about which we inform you in this statement.

3. Data Processing for Shipping Purposes

To fulfill the contract pursuant to Art. 6(1)(b) GDPR, we share your data with the shipping service provider responsible for delivery, to the extent necessary for the delivery of ordered goods.

4. Data processing for payment processing

When processing payments in our online store, we work with the following partners: technical service providers, credit institutions, and payment service providers.

4.1 Data processing for transaction processing

Depending on the selected payment method, we transfer the data necessary for processing the payment transaction to our technical service providers, who act on our behalf as data processors, or to the commissioned credit institutions or to the selected payment service provider, to the extent necessary for processing the payment. This serves the purpose of fulfilling the contract pursuant to Art. 6(1)(b) GDPR. In some cases, the payment service providers collect the data required for processing the payment themselves, e.g., on their own website or through technical integration into the ordering process. In this regard, the privacy policy of the respective payment service provider applies.

If you have any questions about our payment processing partners and the basis of our cooperation with them, please contact us using the contact information provided in this privacy policy.

4.2 Data Processing for the Purpose of Fraud Prevention and the Optimization of Our Payment Processes

Where applicable, we provide our service providers with additional data, which they use—along with the data necessary for processing the payment—as our data processors for the purpose of fraud prevention and the optimization of our payment processes (e.g., invoicing, handling disputed payments, and supporting accounting). This serves, in accordance with Art. 6(1)(f) GDPR, to safeguard our legitimate interests—which prevail following a balancing of interests—in protecting ourselves against fraud and in ensuring efficient payment management.

5. Advertising via Email

5.1 Email Newsletters with Subscription and Newsletter Tracking

When you subscribe to our newsletter, we use the data required for this purpose or separately provided by you to send you our email newsletter on a regular basis based on your consent pursuant to Art. 6(1)(a) GDPR. You may unsubscribe from the newsletter at any time by either sending a message to the contact address provided below or by clicking a link provided for this purpose in the newsletter. After unsubscribing, we will delete your email address from the recipient list, unless you have expressly consented to further use of your data in accordance with Art. 6(1)(a) GDPR or we reserve the right to use your data for other purposes that are permitted by law and about which we inform you in this statement.

Please note that we evaluate your user behavior when sending the newsletter. To this end, we also analyze your interaction with our newsletter by measuring, storing, and evaluating open rates and click-through rates for the purpose of designing future newsletter campaigns (“newsletter tracking”).

For this analysis, the emails sent contain single-pixel technologies (e.g., so-called web beacons, tracking pixels) that are stored on our website. For the analyses, we link the following “newsletter data” in particular

  • the page from which the page was requested (so-called referrer URL),
  • the date and time of the request,
  • the description of the type of web browser used,
  • the IP address of the requesting computer,
  • the email address,
  • the date and time of registration and confirmation

and the one-pixel technologies with your email address or your IP address and, if applicable, an individual ID. Links contained in the newsletter may also contain this ID.

If you do not wish to be tracked via the newsletter, you can unsubscribe from the newsletter at any time as described above.

The information is stored for as long as you remain subscribed to the newsletter.

5.2 Newsletter Distribution

The newsletter and the newsletter tracking described above may also be sent by our service providers as part of processing on our behalf. If you have any questions about our service providers and the basis of our cooperation with them, please contact us using the contact information provided in this Privacy Policy.

6. Cookies and Other Technologies

6.1 General Information

To make your visit to our website more engaging and to enable the use of certain features, we use technologies—including so-called cookies—on various pages. Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted at the end of the browser session, i.e., after you close your browser (so-called session cookies). Other cookies remain on your device and allow us to recognize your browser on your next visit (persistent cookies).

Privacy Protection on End Devices

When you use our online services, we employ technologies that are strictly necessary to provide the explicitly requested telemedia service. The storage of information on your end device or access to information already stored on your end device does not require your consent in this regard.

For functions that are not strictly necessary, the storage of information on your device or access to information already stored on your device requires your consent. Please note that if you do not grant your consent, parts of the website may not be fully usable. Any consent you have granted remains in effect until you adjust or reset the respective settings on your device.

Any subsequent data processing via cookies and other technologies

We use technologies that are strictly necessary for the use of certain functions on our website (e.g., the shopping cart function). These technologies collect and process your IP address, the time of your visit, device and browser information, as well as information regarding your use of our website (e.g., information about the contents of your shopping cart). This serves, within the framework of a balancing of interests, our overriding legitimate interests in an optimized presentation of our offering pursuant to Art. 6(1)(f) GDPR.

In addition, we use technologies to fulfill the legal obligations to which we are subject (e.g., to be able to demonstrate consent to the processing of your personal data) as well as for web analytics and online marketing. Further information on this, including the respective legal basis for data processing, can be found in the following sections of this Privacy Policy.

You can find the cookie settings for your browser at the following links: Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™

If you have consented to the use of these technologies pursuant to Article 6(1)(a) of the GDPR, you may revoke your consent at any time by contacting us via the contact options described in the Privacy Policy. Alternatively, you can also visit the following link: https://www.leopolds-finest.de/#revokeConsent. If you do not accept cookies, the functionality of our website may be limited.

6.2 Consent Manager Platform (CMP)

On our website, we use a consent management service (“Consent Manager Platform (CMP)” to inform you about the cookies and other technologies we use on our website, as well as to obtain, manage, and document your consent—where required—to the processing of your personal data by these technologies. This is necessary pursuant to Art. 6(1)(c) GDPR to fulfill our legal obligation under Art. 7(1) GDPR to be able to demonstrate your consent to the processing of your personal data, to which we are subject. The Consent Manager Platform (CMP) used is a service provided by Pandectes, Harju County, Kuusalu vald, Pudisoo küla, 74626, Männimäe/1, Estonia, which processes your data on our behalf.

After you submit your cookie consent on our website, the web server stores the following data: IP address, device information, browser information, selected language, the webpage visited or its URL, the date and time of your consent declaration, and information regarding your consent behavior.

In addition, the following technologies are used, which contain information regarding your consent behavior: Cookies

Your data will be deleted after one year, unless you have expressly consented to further use of your data in accordance with Art. 6(1)(a) GDPR or we reserve the right to use your data beyond this period, which is permitted by law and about which we inform you in this statement.

7. Use of Cookies and Other Technologies

To the extent that you have given your consent pursuant to Art. 6(1)(a) GDPR, we use the following cookies and other third-party technologies on our website. Once the purpose has been fulfilled and we have ceased using the respective technology, the data collected in this context will be deleted. You may revoke your consent at any time with future effect. Further information regarding your options for revocation can be found in the section “Cookies and Other Technologies.” Additional information, including the basis for our cooperation with the individual providers, can be found under the respective technologies. If you have any questions regarding the providers and the basis for our cooperation with them, please contact us using the contact information provided in this Privacy Policy.

7.1 Use of Google Services

We use the technologies of Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) described below. The information automatically collected by Google technologies regarding your use of our website is generally transmitted to a server of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and stored there. Unless otherwise specified for the individual technologies, data processing is based on an agreement concluded between joint controllers for the respective technology in accordance with Art. 26 GDPR. Further information about data processing by Google can be found in the Google Privacy Policy.

Our service providers are located in and/or use servers in countries outside the EU and the EEA for which the European Commission has determined, by decision, that an adequate level of data protection exists.

Our service providers are located in and/or use servers in countries outside the EU and the EEA. No adequacy decision by the European Commission exists for these countries. Our cooperation with them is based on the European Commission’s Standard Data Protection Clauses.

 

Google Analytics

For the purpose of website analysis, Google Analytics automatically collects and stores data (IP address, time of visit, device and browser information, as well as information regarding your use of our website), from which usage profiles are created using pseudonyms. Cookies may be used for this purpose. If you visit our website from the EU, your IP address is stored on a server located in the EU to derive location data and is then immediately deleted before the traffic is forwarded to other Google servers for processing. Data processing is carried out on the basis of a data processing agreement with Google.

For the purpose of optimizing the marketing of our website, we have activated the data sharing settings for “Google products and services”. This allows Google to access the data collected and processed by Google Analytics and subsequently use it to improve Google services. Data sharing with Google under these data sharing settings is based on an additional agreement between the data controllers. We have no influence over the subsequent data processing by Google.

To create and conduct tests, we also use the Google Analytics extension feature Google Optimize.

For the purpose of optimizing the marketing of our website, we use the so-called User ID feature. With the help of this feature, we can assign a unique, permanent ID to your interaction data from one or more sessions on our online platforms and thus analyze your user behavior across devices and sessions.

For web analytics, the Google Analytics extension Google Signals enables so-called “cross-device tracking.” If your internet-enabled devices are linked to your Google Account and you have enabled the “personalized ads” setting in your Google Account, Google can generate reports on your usage behavior (in particular, cross-device user numbers), even if you switch devices. We do not process personal data in this regard; we merely receive statistics generated based on Google Signals.

For web analytics and advertising purposes, the Google Analytics extension feature enables the so-called DoubleClick cookie to recognize your browser when you visit other websites. Google will use this information to compile reports on website activity and to provide other services related to website usage.

Google AdSense

Our website uses Google AdSense to sell ad space to third-party advertisers. These ads are displayed to you in various locations on this website. The so-called DoubleClick cookie enables the display of interest-based advertising through the collection and processing of data (IP address, time of visit, device and browser information, as well as information regarding your use of our website) and the automatic assignment of a pseudonymous user ID, which is used to determine interests based on visits to this and other websites.

 

Google Ads

For advertising purposes in Google search results and on third-party websites, the so-called Google Remarketing Cookie is set when you visit our website. This cookie enables interest-based advertising by automatically collecting and processing data (IP address, time of visit, device and browser information, and information about your use of our website) and using a pseudonymous CookieID based on the pages you have visited. Any further data processing only takes place if you have enabled the “personalized ads” setting in your Google Account. In this case, if you are logged into Google while visiting our website, Google uses your data together with Google Analytics data to create and define audience lists for cross-device remarketing.

For website analysis and event tracking, we use Google Ads Conversion Tracking to measure your subsequent usage behavior if you arrived at our website via a Google Ads advertisement. For this purpose, cookies may be used and data (IP address, time of visit, device and browser information, as well as information regarding your use of our website based on events specified by us, such as visiting a webpage or subscribing to a newsletter) may be collected, from which usage profiles are created using pseudonyms.

 

Google reCAPTCHA

To protect our web forms from misuse and to prevent spam generated by automated software (so-called bots), Google reCAPTCHA collects data (IP address, time of visit, browser information, and information regarding your use of our website) and analyzes your use of our website using JavaScript and cookies. Additionally, other cookies stored in your browser by Google services are evaluated. No personal data is read or stored from the input fields of the respective form.

 

Google Tag Manager

Google Tag Manager allows us to manage various codes and services on our website. When implementing individual tags, Google may also process personal data (e.g., IP address, online identifiers (including cookies)). Data processing is carried out on the basis of a data processing agreement with Google.

The use of Google Tag Manager enables the integration of various services/technologies.

If you do not wish to use individual tracking services and have therefore deactivated them, the deactivation remains in effect for all affected tracking tags integrated via Google Tag Manager.

7.2 Use of Facebook Services

Use of Facebook Pixel

We use the Facebook Pixel as part of the technologies described below from Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland (“Facebook (by Meta)” or “Meta Platforms Ireland”). The Facebook Pixel automatically collects and stores data (IP address, time of visit, device and browser information, as well as information about your use of our website based on events specified by us, such as visiting a webpage or subscribing to a newsletter), from which usage profiles are created using pseudonyms. As part of so-called “extended data matching,” information that can be used to identify individuals (e.g., names, email addresses, and phone numbers) is also collected and stored in hashed form for matching purposes. To this end, when you visit our website, the Facebook Pixel automatically sets a cookie that enables your browser to be recognized when visiting other websites via a pseudonymous cookie ID. Facebook (by Meta) will combine this information with other data from your Facebook account and use it to compile reports on website activity and to provide other services related to website usage, in particular personalized and group-based advertising.

The information automatically collected by Facebook (by Meta) technologies regarding your use of our website is generally transmitted to a server operated by Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there. Further information regarding data processing by Facebook can be found in the Facebook (by Meta) Privacy Policy.


Our service providers are located in and/or use servers in the following countries for which the European Commission has determined, by decision, that an adequate level of data protection exists: the United States, Canada, Japan, South Korea, New Zealand, the United Kingdom, and Argentina.


A decision by the European Commission on an adequate level of data protection for the USA serves as the basis for a transfer to a third country, provided that the respective service provider is certified. Certification is in place.


Our service providers are located in and/or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, and Mexico. There is no adequacy decision by the European Commission for these countries. Our cooperation with you is based on these safeguards: Standard Data Protection Clauses of the European Commission.

 

Facebook Analytics

As part of Facebook Business Tools, statistics on visitor activity on our website are generated from the data collected via the Facebook Pixel regarding your use of our website. Data processing is carried out on the basis of a data processing agreement with Facebook (by Meta). This analysis serves to optimize the presentation and marketing of our website.

Facebook Ads (Ads Manager)

We use Facebook Ads to advertise this website on Facebook (by Meta) and other platforms. We determine the parameters of the respective advertising campaign. Facebook (by Meta) is responsible for the exact implementation, in particular the decision regarding the placement of ads for individual users. Unless otherwise specified for the individual technologies, data processing is based on an agreement between joint controllers pursuant to Art. 26 GDPR.

 

Joint controllership is limited to the collection of data and its transmission to Meta Platforms Ireland. The subsequent data processing by Meta Platforms Ireland is not covered by this.

Based on the statistics generated via Facebook Pixel regarding visitor activity on our website, we use Facebook Custom Audience to run group-based advertising on Facebook (by Meta) by defining the characteristics of the respective target group. As part of the extended data matching process (see above) used to determine the respective target group, Facebook (by Meta) acts as our data processor.

Based on the pseudonymous cookie ID set by the Facebook Pixel and the data collected about your usage behavior on our website, we use the Facebook Pixel to run remarketing personalized advertising.

Via Facebook Pixel Conversions, we measure your subsequent usage behavior for web analytics and event tracking if you arrived at our website via a Facebook Ads advertisement. Data processing is carried out on the basis of a data processing agreement with Facebook (by Meta).

8. Integration of the Trusted Shops Trustbadge/other widgets

Provided you have given your consent pursuant to Art. 6(1)(a) GDPR, Trusted Shops widgets are integrated into this website to display Trusted Shops services (e.g., quality seals, collected reviews) and to offer Trusted Shops products to buyers after an order has been placed.

The Trustbadge and the services advertised through it are offered by Trusted Shops AG, Subbelrather Str. 15C, 50823 Cologne (“Trusted Shops”), with whom we are jointly responsible for data protection pursuant to Art. 26 GDPR. We provide you with the following information regarding the essential terms of the agreement pursuant to Art. 26(2) GDPR as part of this privacy notice.

Within the scope of the joint responsibility existing between us and Trusted Shops AG, please contact Trusted Shops as a matter of priority for data protection questions and to exercise your rights, using the contact options provided in the Privacy Policy. Regardless of this, however, you may always contact the controller of your choice. Your inquiry will then, if necessary, be forwarded to the other controller for a response.

8.1 Data Processing When Integrating the Trustbadge/Other Widgets

The Trustbadge is provided by a U.S.-based CDN (Content Delivery Network) provider. An adequate level of data protection is ensured in each case by an adequacy decision of the EU Commission, which is available for the U.S. here. Service providers from the U.S. are generally certified under the EU-U.S. Data Privacy Framework (DPF). Further information is available here. If service providers are not certified under the DPF, standard contractual clauses have been agreed upon as an appropriate safeguard.

When the Trustbadge is accessed, the web server automatically stores a so-called server log file, which also contains your IP address, the date and time of access, the amount of data transferred, and the requesting provider (access data), and documents the access. The IP address is anonymized immediately after collection, so that the stored data cannot be associated with you personally. The anonymized data is used in particular for statistical purposes and for error analysis.

8.2 Data Processing After Order Completion

If you have given your consent, the Trustbadge accesses order information stored on your device (order total,

 

order number, and, if applicable, purchased product) stored on your device, and your email address is hashed using a cryptographic one-way function. The hash value is then transmitted to Trusted Shops along with the order information in accordance with Art. 6(1)(a) GDPR.

This serves to verify whether you are already registered for Trusted Shops services. If this is the case, further processing takes place in accordance with the contractual agreement between you and Trusted Shops. If you are not yet registered for the services or do not give your consent to automatic recognition via the Trustbadge, you will subsequently have the opportunity to manually register for the use of the services or to complete the verification process within the scope of your existing user agreement, if applicable.

For this purpose, after you complete your order, the Trustbadge accesses the following information stored on the device you are using: order total, order number, and email address. This is necessary so that we can offer you buyer protection. The data is not transmitted to Trusted Shops until you actively decide to complete the buyer protection process by clicking the button labeled accordingly in the so-called Trustcard. If you decide to use the services, further processing is governed by the contractual agreement with Trusted Shops pursuant to Art. 6(1)(b) GDPR in order to complete your registration for buyer protection, secure the order, and, if applicable, subsequently send you review invitations via email.

Trusted Shops uses service providers in the areas of hosting, monitoring, and logging. The legal basis is Art. 6(1)(f) GDPR for the purpose of ensuring trouble-free operation. In this context, processing may take place in third countries (the U.S. and Israel). An adequate level of data protection is ensured in each case by an adequacy decision of the EU Commission, which is available here for the U.S. and here for Israel. Service providers from the U.S. are generally certified under the EU-U.S. Data Privacy Framework (DPF). Further information is available here. If service providers used are not certified under the DPF, standard contractual clauses have been concluded as an appropriate safeguard.

9. Social Media

Our online presence on Facebook (by Meta), Instagram (by Meta)

To the extent that you have given your consent pursuant to Art. 6(1)(a) GDPR to the respective social media operator, when you visit our online presence on the aforementioned social media platforms, your data is automatically collected and stored for market research and advertising purposes, from which usage profiles are created using pseudonyms. These may be used, for example, to display advertisements within and outside the platforms that are presumed to correspond to your interests. Cookies are generally used for this purpose. For detailed information on the processing and use of data by the respective social media operator, as well as contact information and your related rights and privacy settings, please refer to the providers’ privacy policies linked below. If you still need assistance in this regard, please contact us.

Facebook (by Meta) is a service provided by Meta Platforms Ireland Ltd., Block J,

Serpentine Avenue, Dublin 4, Ireland (“Meta Platforms Ireland”). The information automatically collected by Meta Platforms Ireland regarding your use of our online presence on Facebook (by Meta) is generally transmitted to and stored on a server operated by Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there. Data processing in connection with a visit to a Facebook (by Meta) fan page is based on an agreement between joint controllers pursuant to Art. 26 GDPR. Further information (information on Insights data) can be found here.

Our service providers are located in and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by decision: the United States, Canada, Japan, South Korea, New Zealand, the United Kingdom, and Argentina.

There is a decision by the European Commission on an adequate level of data protection for the USA as the basis for a transfer to a third country, provided that the respective service provider is certified. Certification is in place.

Our service providers are located in and/or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.

There is no adequacy decision by the European Commission for these countries. Our cooperation with you is based on these safeguards: Standard Data Protection Clauses of the European Commission.

Instagram (by Meta) is a service provided by Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland (“Meta Platforms Ireland”). The information automatically collected by Meta Platforms Ireland regarding your use of our online presence on Instagram is generally transferred to and stored on a server operated by Meta Platforms, Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. Data processing in connection with a visit to an Instagram (by Meta) fan page is based on an agreement between joint controllers pursuant to Art. 26 GDPR. Further information (information on Insights data) can be found here.

Our service providers are located in and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by decision: USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

A decision by the European Commission on an adequate level of data protection for the USA serves as the basis for a transfer to a third country, provided that the respective service provider is certified. Certification is in place.

Our service providers are located in and/or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.

There is no adequacy decision by the European Commission for these countries. Our cooperation with you is based on the following safeguards: Standard Data Protection Clauses of the European Commission.

10. Contact Information and Your Rights

10.1 Your Rights

As a data subject, you have the following rights:

  • pursuant to Art. 15 GDPR, the right to request information about your personal data processed by us to the extent specified therein;
  • pursuant to Art. 16 GDPR, the right to request the immediate rectification of inaccurate personal data or the completion of your personal data stored by us;
  • pursuant to Art. 17 GDPR, the right to request the erasure of your personal data stored by us, unless further processing is
    • necessary for the exercise of the right to freedom of expression and information;
    • to comply with a legal obligation;
    • for reasons of public interest, or
    • to assert, exercise, or defend legal claims;
  • pursuant to Art. 18 GDPR, the right to request the restriction of the processing of your personal data, provided that
    • you contest the accuracy of the data;
    • the processing is unlawful, but you oppose its erasure;
    • we no longer need the data, but you require it to assert, exercise, or defend legal claims; or
    • you have objected to the processing pursuant to Art. 21 GDPR;
  • pursuant to Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request its transmission to another controller;
  • pursuant to Art. 77 GDPR, the right to lodge a complaint with a supervisory authority. As a rule, you may contact the supervisory authority of your usual place of residence or workplace or of our company headquarters for this purpose.

Right to Object

To the extent that we process personal data as described above to safeguard our legitimate interests that prevail following a balancing of interests, you may object to this processing with effect for the future. If the processing is carried out for direct marketing purposes, you may exercise this right at any time as described above. If the processing is carried out for other purposes, you have a right to object only if there are grounds arising from your particular situation.

After you exercise your right to object, we will no longer process your personal data for these purposes, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves to assert, exercise, or defend legal claims.

This does not apply if the processing is carried out for direct marketing purposes. In that case, we will no longer process your personal data for this purpose.

10.2 Contact Information

If you have any questions regarding the collection, processing, or use of your personal data, or if you wish to request information, correction, restriction, or deletion of data, as well as to revoke consent or object to a specific use of your data, please contact us directly using the contact details in our legal notice.

Privacy Policy created using the Trusted Shops legal text generator in cooperation with FÖHLISCH Rechtsanwälte.