PRIVACY POLICY
GENERAL PRIVACY POLICY
We are pleased that you are visiting our website www.elviragreblic.com and thank you for your interest. The protection of your data and your privacy is our top priority. Elvira Greblic, Markgraf Rüdigerstraße 24/10, 1150 Vienna therefore process your data exclusively on the basis of the statutory provisions (GDPR, TKG 2003) and according to the guidelines of the General Data Protection Regulation (EU) 2016/679 in the following data protection information, we will inform you about the most important aspects of data processing on our website.
Responsible acc. Art. 4 para. 7 EU General Data Protection Regulation (GDPR) is Elvira Greblic, Markgraf Rüdiger Straße 24/10, 1150 Vienna, mail@elviragreblic.com.
This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the controller). You can recognize an encrypted connection by the character string https:// and the lock symbol in your browser line.
AUTOMATIC DATA RETENTION
When using our website for information only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called “server log files”). Whenever you visit our website such as you are doing right now, our webserver (computer on which this website is saved/stored) automatically saves data such as
- Date and time at the moment of access
- Amount of data sent in bytes
- Source/reference from which you came to the page
- Browser and browser version used
- Operating system used
- IP address used (if applicable: in anonymized form) in files (webserver-logfiles).
- Generally, webserver-logfiles stay saved for two weeks and then get deleted automatically. Data processing is carried out in accordance with Art. 6 (1) point f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files subsequently, if there are any concrete indications of illegal use.
CONTACT US
If you contact us using the form on the website, by e-mail or Facebook, you must provide a contact option so that we can answer your request. The legal basis for processing data is our legitimate interest in responding to your request in accordance with Art. 6 (1) point f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 (1) point b GDPR. The data you provide will then be stored by us for 12 months in order to process the request and in the event of follow-up questions. The legal basis for this is our legitimate interest in being able to answer your inquiry and to answer any follow-up inquiries in a specific and customer-oriented manner, taking into account previous inquiries. Our emails are hosted by a third party provider who is located within the European Union and acts as the recipient of the data on our behalf. All emails are stored on its servers.
COOKIES
Our website uses HTTP-cookies to store user-specific data.
Every time you surf the internet, you use a browser. In order to make your visit to our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your end device. These cookie files are automatically put into the cookie-folder, which is like the “brain” of your browser. A cookie consists of a name and a value. Moreover, to define a cookie, one or multiple attributes must be specified.
Some cookies are only stored until you close the browser (session cookies), whereas other cookies are stored for long periods (session cookies). These cookies serve to recognise you when you access this website again (persistent cookies). Cookies can be installed by us (first-party cookie) or other providers (third-party cookies). Some cookies are crucial for a functioning website (essential cookies). Some cookies record the visits and origin of the visitor and measure the visitor’s data. It is not possible to link these cookies to your person (performance cookies). Some cookies are used for marketing purposes (marketing cookies).
When first visiting the website and online shop, you can select the cookies you wish to accept in the cookies declaration. You need to give consent for marketing cookies. You can withdraw your consent or change your cookie settings directly in your browser.
Upon your first visit to a website you are usually asked which of these cookie-types you want to accept. Furthermore, this decision will of course also be saved in a cookie.
You yourself take the decision if and how you want to use cookies. Thus, no matter what service or website cookies are from, you always have the option to delete, deactivate or only partially allow them. Therefore, you can for example block cookies of third parties but allow any other cookies.
If you want change or delete cookie-settings and would like to determine which cookies have been saved to your browser, you can find this info in your browser-settings:
Chrome: Clear, enable and manage cookies in Chrome
Safari: Manage cookies and website data in Safari
Firefox: Clear cookies and site data in Firefox
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete cookies in Microsoft Edge
If you generally do not want to allow any cookies at all, you can set up your browser in a way, to notify you whenever a potential cookie is about to be set. This gives you the opportunity to manually decide to either permit or deny the placement of every single cookie. The settings for this differ from browser to browser.
There is a “cookie policy” that has been in place since 2009. It states that the storage of cookies requires the user’s consent. However, among the countries of the EU, these guidelines are often met with mixed reactions. In Austria the guidelines have been implemented in § 96 section 3 of the Telecommunications Act (TKG).
PROCESSING AND STORAGE OF PERSONAL DATA
Pursuant to Art. 6 (1) point b GDPR, personal data will continue to be collected and processed if you provide it to us for the execution of a contract or when opening a customer account. Which data is collected can be seen from the respective input forms. It is possible to delete your customer account at any time. This can be done by sending a message to the above-mentioned address of the controller. We store and use the data provided by you for contract processing. After complete processing of the contract or deletion of your customer account, your data will be blocked in consideration of tax and commercial retention periods and deleted after expiry of these periods, unless you have expressly consented to further use of your data or a legally permitted further use of data has been reserved by our site, about which we will inform you accordingly below.
The personal data collected by us will be passed on to the transport company commissioned with the delivery within the scope of contract processing, insofar as this is necessary for the delivery of the goods. We will pass on your payment data to the commissioned credit institution within the framework of payment processing, if this is necessary for payment handling. If payment service providers are used, we explicitly inform you of this below. The legal basis for the transfer of data is Art. 6 (1) point b GDPR.
If delivery of goods takes place through the the Austrian or Germain Post Office we will pass on your e-mail address to them in accordance with Art. 6 (1) point a GDPR, prior to delivery of the goods, for the purpose of coordinating a date of delivery or of a notice about the shipment status, only if you have given your express consent during the ordering process. Otherwise, only the name of the recipient and the delivery address will be passed on to the post office for the purpose of delivery in accordance with Art. 6 (1) point b GDPR. The data will only be passed on if this is necessary for the delivery of the goods. In this case, prior agreement on the delivery date with post office or transmission of status information for shipment delivery is not possible.
Any personal data you electronically submit to us on this website, such as your name, email address, home address or other personal information you provide via the transmission of a form or via any comments to the blog, are solely used for the specified purpose and get stored securely along with the respective submission times and IP-address. These data do not get passed on to third parties.
Therefore, we use personal data for the communication with only those users, who have explicitly requested being contacted, as well as for the execution of the services and products offered on this website. We do not pass your personal data to others without your approval, but we cannot exclude the possibility this data will be looked at in case of illegal conduct.
If you send us personal data via email – and thus not via this website – we cannot guarantee any safe transmission or protection of your data. We recommend you, to never send confidential data via email.
RIGHTS IN ACCORDANCE WITH THE GENERAL DATA PROTETCTION REGULATION
You are granted the following rights in accordance with the provisions of the GDPR (General Data Protection Regulation) and the Austrian Data Protection Act (DSG):
- right to rectification (article 16 GDPR)
- right to erasure (“right to be forgotten“) (article 17 GDPR)
- right to restrict processing (article 18 GDPR)
- righ to notification – notification obligation regarding rectification or erasure of personal data or restriction of processing (article 19 GDPR)
- right to data portability (article 20 GDPR)
- Right to object (article 21 GDPR)
- right not to be subject to a decision based solely on automated processing – including profiling – (article 22 GDPR)
If you think that the processing of your data violates the data protection law, or that your data protection rights have been infringed in any other way, you can lodge a complaint with your respective regulatory authority. For Austria this is the data protection authority, whose website you can access at https://www.data-protection-authority.gv.at/.
TLS ENCRYPTION WITH HTTPS
We use https to transfer information on the internet in a tap-proof manner (data protection through technology design Article 25 Section 1 GDPR). With the use of TLS (Transport Layer Security), which is an encryption protocol for safe data transfer on the internet, we can ensure the protection of confidential information. You can recognise the use of this safeguarding tool by the little lock-symbol, which is situated in your browser’s top left corner, as well as by the use of the letters https (instead of http) as a part of our web address.
GOOGLE ANALYTICS PRIVACY POLICY
We use the tracking and analysis tool Google Analytics (GA) of the US-American company Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Google Analytics collects data on your actions on our website. Whenever you click a link for example, this action is saved in a cookie and transferred to Google Analytics. With the help of reports which we receive from Google Analytics, we can adapt our website and our services better to your wishes.
Google Analytics is a tracking tool with the purpose of conducting data traffic analysis of our website. For Google Analytics to work, there is a tracking code integrated to our website. Upon your visit to our website, this code records various actions you perform on your website. As soon as you leave our website, this data is sent to the Google Analytics server, where it is stored.
Google processes this data and we then receive reports on your user behaviour. These reports can be one of the following:
- Target audience reports: With the help of target audience reports we can get to know our users better and can therefore better understand who is interested in our service.
- Advertising reports: Through advertising reports we can analyse our online advertising better and hence improve it.
- Acquisition reports: Acquisition reports provide us helpful information on how we can get more people enthusiastic about our service.
- Behaviour reports: With these reports, we can find out how you interact with our website. By the means of behaviour reports, we can understand what path you go on our website and what links you click.
- Conversion reports: A conversion is the process of leading you to carry out a desired action due to a marketing message. An example of this would be transforming you from a mere website visitor into a buyer or a newsletter subscriber. Hence, with the help of these reports we can see in more detail, if our marketing measures are successful with you. Our aim is to increase our conversion rate.
- Real time reports: With the help of these reports we can see in real time, what happens on our website. It makes us for example see, we can see how many users are reading this text right now.
Why do we use Google Analytics on our website?
The objective of our website is clear: We want to offer you the best possible service. Google Analytics’ statistics and data help us with reaching this goal.
Statistically evaluated data give us a clear picture of the strengths and weaknesses of our website. On the one hand, we can optimise our page in a way, that makes it easier to be found by interested people on Google. On the other hand, the data helps us to get a better understanding of you as our visitor. Therefore, we can very accurately find out what we must improve on our website, in order to offer you the best possible service. The analysis of that data also enables us to carry out our advertising and marketing measures in a more individual and more cost-effective way. After all, it only makes sense to show our products and services exclusively to people who are interested in them.
What data gets stored by Google Analytics?
With the aid of a tracking code, Google Analytics creates a random, unique ID which is connected to your browser cookie. That way, Google Analytics recognises you as a new user. The next time you visit our site, you will be recognised as a “recurring” user. All data that is collected gets saved together with this very user ID. Only this is how it is made possible for us to evaluate and analyse pseudonymous user profiles.
Your interactions on our website are measures by tags such as cookies and app instance IDs. Interactions are all kinds of actions that you perform on our website. If you are also using other Google systems (such as a Google Account), data generated by Google Analytics can be linked with third-party cookies. Google does not pass on any Google Analytics data, unless we as the website owners authorise it. In case it is required by law, exceptions can occur.
The following cookies are used by Google Analytics:
Name: _ga
Value:2.1326744211.152111602686-5
Purpose: By deafault, analytics.js uses the cookie _ga, to save the user ID. It generally serves the purpose of differenciating between website visitors.
Expiration date: After 2 years
Name: _gid
Value:2.1687193234.152111602686-1
Purpose: This cookie also serves the purpose of differentiating between website users
Expiration date: After 24 hours
Name: _gat_gtag_UA_
Value: 1
Verwendungszweck: It is used for decreasing the demand rate. If Google Analytics is provided via Google Tag Manager, this cookie gets the name _dc_gtm_ .
Expiration date: After 1 minute
Name: AMP_TOKEN
Value: No information
Purpose: This cookie has a token which is used to retrieve the user ID by the AMP Client ID Service. Other possible values suggest a logoff, a request or an error.
Expiration date: After 30 seconds up to one year
Name: __utma
Value:1564498958.1564498958.1564498958.1
Purpose: With this cookie your behaviour on the website can be tracked and the site performance can be measured. The cookie is updated every time the information is sent to Google Analytics.
Expiration date: After 2 years
Name: __utmt
Value: 1
Purpose: Just like _gat_gtag_UA_ this cookie is used for keeping the requirement rate in check.
Expiration date: Afer 10 minutes
Name: __utmb
Value:3.10.1564498958
Purpose: This cookie is used to determine new sessions. It is updated every time new data or information gets sent to Google Analytics.
Expiration date: After 30 minutes
Name: __utmc
Value: 167421564
Purpose: This cookie is used to determine new sessions for recurring visitors. It is therefore a session cookie, and only stays saved until you close the browser again.
Expiration date: After closing the browser
Name: __utmz
Value: m|utmccn=(referral)|utmcmd=referral|utmcct=/
Purpose: This cookie is used to identify the source of our website’s visitor number. This means, that the cookie saves information on where you came to our website from. This could be another site or an advertisement.
Expiration date: After 6 months
Name: __utmv
Value: No information
Purpose: The cookie is used to store custom user data. It gets updated whenever information is sent to Google Analytics.
Expiration date: After 2 years
Note: This list is by no means exhaustive, since Google are repeatedly changing the use of their cookies.
Below we will give you an overview of the most important data that can be evaluated by Google Analytics:
Heatmaps: Google creates so-called Heatmaps an. These Heatmaps make it possible to see the exact areas you click on, so we can get information on what routes you make on our website.
Session duration: Google calls the time you spend on our website without leaving it session duration. Whenever you are inactive for 20 minutes, the session ends automatically.
Bounce rate If you only look at one page of our website and then leave our website again, it is called a bounce.
Account creation: If you create an account or make an order on our website, Google Analytics collects this data.
IP-Address: The IP address is only shown in a shortened form, to make it impossible to clearly allocate it.
Location: Your approximate location and the country you are in can be defined by the IP address. This process is called IP location determination.
Technical information: Information about your browser type, your internet provider and your screen resolution are called technical information.
Source: Both, Google Analytics as well as ourselves, are interested what website or what advertisement led you to our site.
Further possibly stored data includes contact data, potential reviews, playing media (e.g. when you play a video on our site), sharing of contents via social media or adding our site to your favourites. This list is not exhaustive and only serves as general guidance on Google Analytics’ data retention.
How long and where is the data saved?
Google has servers across the globe. Most of them are in America and therefore your data is mainly saved on American servers. Here you can read detailed information on where Google’s data centres are located: https://www.google.com/about/datacenters/inside/locations/?hl=en
Your data is allocated to various physical data mediums. This has the advantage of allowing to retrieve the data faster, and of protecting it better from manipulation. Every Google data centre has respective emergency programs for your data. Hence, in case of a hardware failure at Google or a server error due to natural disasters, the risk for a service interruption stays relatively low.
Google Analytics has a 26 months standardised period of retaining your user data. After this time, your user data is deleted. However, we have the possibility to choose the retention period of user data ourselves. There are the following five options:
- Deletion after 14 months
- Deletion after 26 months
- Deletion after 38 months
- Deletion after 50 months
- No automatical deletion
As soon as the chosen period is expired, the data is deleted once a month. This retention period applies to any of your data which is linked to cookies, user identification and advertisement IDs (e.g. cookies of the DoubleClick domain). Any report results are based on aggregated information and are stored independently of any user data. Aggregated information is a merge of individual data into a single and bigger unit.
How can I delete my data or prevent data retention?
Under the provisions of the European Union’s data protection law, you have the right to obtain information on your data and to update, delete or restrict it. With the help of a browser add on that can deactivate Google Analytics’ JavaScript (ga.js, analytics.js, dc.js), you can prevent Google Analytics from using your data. You can download this add on at https://tools.google.com/dlpage/gaoptout?hl=en-GB. Please consider that this add on can only deactivate any data collection by Google Analytics.
Should you generally want to deactivate, delete or manage all cookies (independently of Google Analytics), you can use one of the guides that are available for any browser:
Chrome: Clear, enable and manage cookies in Chrome
Safari: Manage cookies and website data in Safari
Firefox: Clear cookies and site data in Firefox
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete cookies in Microsoft Edge
Google Analytics is an active participant of the EU-U.S. Privacy Shield Framework, which regulates correct and save transfer of personal data.
You can find more information on this at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=111602686. We hope we were able to make you more familiar with the most important information on Google Analytics’ data processing. If you want to learn more about the tracking service, we recommend both of the following links: https://marketingplatform.google.com/about/analytics/terms/gb/ and https://support.google.com/analytics/answer/6004245?hl=en.
FACEBOOK PIXEL PRIVACY POLICY
We use Facebook’s Facebook pixel on our website. For that, we have implemented a code on our website. The Facebook pixel is a segment of a JavaScript code, which, in case you arrived on our website via Facebook ads, loads an array or functions that enable Facebook to track your user actions. For example, if you buy a product on our website, the Facebook pixel is triggered and then saves your actions on our website in one or more cookies. These cookies enable Facebook to match your user data (customer data such as IP address, user ID) with the data of your Facebook account. After that, Facebook deletes your data again. The collected data is anonymous as well as inaccessible and can only be used for ad placement purposes. If you are a Facebook user and you are logged in, your visit to our website is automatically assigned to your Facebook user account.
We exclusively want to show our products or services to persons, who are interested in them. With the aid of the Facebook pixel, our advertising measures can get better adjusted to your wishes and interests. Therefore, Facebook users get to see suitable advertisement (if they allowed personalised advertisement). Moreover, Facebook uses the collected data for analytical purposes and for its own advertisements.
In the following we will show you the cookies, which were set on a test page through the integration of the Facebook pixel. Please consider that these cookies are only examples. Depending on the interaction that is made on our website, different cookies are set.
Name: _fbp
Value: fb.1.1568287647279.257405483-6111602686-7
Purpose: Dieses Cookie verwendet Facebook, um Werbeprodukte anzuzeigen.
Expiration date: nach 3 Monaten
Name: fr
Value: 0aPf312HOS5Pboo2r..Bdeiuf…1.0.Bdeiuf.
Purpose: Dieses Cookie wird verwendet, damit Facebook-Pixel auch ordentlich funktioniert.
Expiration date: nach 3 Monaten
Name: comment_author_50ae8267e2bdf1253ec1a5769f48e062111602686-3
Value: Name of the author
Purpose: This cookie saves the text and name of a user who e.g. leaves a comment.
Expiration date: after 12 months
Name: comment_author_url_50ae8267e2bdf1253ec1a5769f48e062
Value: https%3A%2F%2Fwww.testseite…%2F (URL of the author)
Purpose: This cookie saved the URL of the website that the user types into a text box on our website.
Expiration date: after 12 months
Name: comment_author_email_50ae8267e2bdf1253ec1a5769f48e062
Value: email address of the author
Purpose: This cookie saves the email address of the user, if they provided it on the website.
Expiration date: after 12 months
Note: The above-mentioned cookies relate to an individual user behaviour. Moreover, especially concerning the usage of cookies, changes at Facebook can never be ruled out.
If you are registered at Facebook, you can change the settings for advertisements yourself at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. If you are not a Facebook user, you can manage your user based online advertising at https://www.youronlinechoices.com/uk/your-ad-choices. You have the option to activate or deactivate any providers there.
If you want to learn more about Facebook’s data protection, we recommend you the view the company’s in-house data policies at https://www.facebook.com/policy.php.
GOOGLE TAG MANAGER PRIVACY POLICY
We use Google Tag Manager by the company Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) for our website.
This Tag Manager is one of Google’s many helpful marketing products. With it, we can centrally integrate and manage code sections of various tracking tools, that we use on our website.
In this privacy statement we will explain in more detail, what Google Tag Manager does, why we use it and to what extent your data is processed.
Google Tag Manager is an organising tool with which we can integrate and manage website tags centrally and via a user interface. Tags are little code sections which e.g. track your activities on our website. For this, segments of JavaScript code are integrated to our site’s source text. The tags often come from Google’s intern products, such as Google Ads or Google Analytics, but tags from other companies can also be integrated and managed via the manager. Since the tags have different tasks, they can collect browser data, feed marketing tools with data, embed buttons, set cookies and track users across several websites.
Everybody knows: Being organised is important! Of course, this also applies to maintenance of our website. In order to organise and design our website as well as possible for you and anyone who is interested in our products and services, we rely on various tracking tools, such as Google Analytics.
The collected data shows us what interests you most, which of our services we should improve, and which other persons we should also display our services to. Furthermore, for this tracking to work, we must implement relevant JavaScript Codes to our website. While we could theoretically integrate every code section of every tracking tool separately into our source text, this would take too much time and we would lose overview. This is the reason why we use Google Tag Manager. We can easily integrate the necessary scripts and manage them from one place. Additionally, Google Tag Manager’s user interface is easy to operate, and requires no programming skills. Therefore, we can easily keep order in our jungle of tags.
Tag Manager itself is a domain that neither uses cookies nor stores data. It merely functions as an “administrator“ of implemented tags. Data is collected by the individual tags of the different web analysis tools. Therefore, in Google Tag Manager the data is sent to the individual tracking tools and does not get saved.
However, with the integrated tags of different web analysis tools such as Google Analytics, this is quite different. Depending on the analysis tool used, various data on your internet behaviour is collected, stored and processed with the help of cookies. Please read our texts on data protection for more information on the articular analysis and tracking tools we use on our website.
We allowed Google via the account settings for the Tag Manager to receive anonymised data from us. However, this exclusively refers to the use of our Tag Manager and not to your data, which are saved via code sections. We allow Google and others, to receive selected data in anonymous form. Therefore, we agree to the anonymised transfer of our website data. However, even after extensive research we could not find out what summarised and anonymous data it is exactly that gets transmitted. What we do know is that Google deleted any info that could identify our website. Google combines the data with hundreds of other anonymous website data and creates user trends as part of benchmarking measures. Benchmarking is a process of comparing a company’s results with the ones of competitors. As a result, processes can be optimised based on the collected information.
When Google stores data, this is done on Google’s own servers. These servers are located all over the world, with most of them being in America. At https://www.google.com/about/datacenters/inside/locations/?hl=en you can read in detail where Google’s servers are.
In our individual data protection texts on the different tools you can find out how long the respective tracking tools save your data.
Google Tag Manager itself does not set any cookies but manages different tracking websites’ tags. In our data protection texts on the different tracking tools you can find detailed information on how you can delete or manage your data.
Google actively participates in the EU-U.S. Privacy Shield Framework, which regulates safe transfer of personal data. You can find more information at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&tid=111602686. If you want to learn more about Google Tag Manager, we recommend you to read https://marketingplatform.google.com/intl/en_uk/about/tag-manager/.
EMBEDDED SOCIAL MEDIA ELEMENTS PRIVACY POLICY
We have embedded elements from social media services on our website, to display pictures, videos and texts. By visiting pages that present such elements, data is transferred from your browser to the respective social media service, where it is stored. We do not have access to this data.
The following links lead to the respective social media services’ sites, where you can find a declaration on how they handle your data:
- Instagram Data Policy: https://help.instagram.com/519522125107875
- For YouTube, the Google Privacy Policy applies: https://policies.google.com/privacy?hl=en-GB
- Facebook Data Policy: https://www.facebook.com/about/privacy
- Twitter Privacy Policy: https://twitter.com/en/privacy
FACEBOOK DATA POLICY
We use selected Facebook tools on our website. Facebook is a social media network of the company Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland. With the aid of this tool we can provide the best possible offers to you and anyone interested in our products and services. In the following we will give you an overview on the different Facebook tools, as well as on what data is sent to Facebook and how you can delete these data.
Along with many other products, Facebook also offers so called “Facebook Business Tools”. This is Facebook’s official name for the tools, but it is not very common. Therefore, we decided to merely call them “Facebook tools”. They include the following:
- Facebook-Pixel
- social plugins (e.g. the “Like” or “Share“ button)
- Facebook Login
- Account Kit
- APIs (application programming interface)
- SDKs (Softwart developmept kits)
- Plattform-integrations
- Plugins
- Codes
- Specifications
- Documentations
- Technologies and Services
With these tools Facebook can extend its services and is able to receive information on user activities outside of Facebook.
We only want to show our services and products to people who are genuinely interested in them. With the help of advertisements (Facebook Ads) we can reach exactly these people. However, to be able to show suitable adverts to users, Facebook requires additional information on people’s needs and wishes. Therefore, information on the user behaviour (and contact details) on our website, are provided to Facebook. Consequently, Facebook can collect better user data and is able to display suitable adverts for our products or services. Thanks to the tools it is possible to create targeted, customised ad campaigns of Facebook.
Facebook calls data about your behaviour on our website “event data” and uses them for analytics services. That way, Facebook can create “campaign reports” about our ad campaigns’ effectiveness on our behalf. Moreover, by analyses we can get a better insight in how you use our services, our website or our products. Therefore, some of these tools help us optimise your user experience on our website. With the social plugins for instance, you can share our site’s contents directly on Facebook.
With the use of the Facebook tools, personal data (customer data) may be sent to Facebook. Depending on the tools used, customer data such as name, address, telephone number and IP address may be transmitted.
Facebook uses this information to match the data with the data it has on you (if you are a Facebook member). However, before the customer data is transferred to Facebook, a so called “Hashing” takes place. This means, that a data record of any size is transformed into a string of characters, which also has the purpose of encrypting data.
Moreover, not only contact data, but also “event data“ is transferred. These data are the information we receive about you on our website. To give an example, it allows us to see what subpages you visit or what products you buy from us. Facebook does not disclose the obtained information to third parties (such as advertisers), unless the company has an explicit permission or is legally obliged to do so. Also, “event data“ can be linked to contact information, which helps Facebook to offer improved, customised adverts. Finally, after the previously mentioned matching process, Facebook deletes the contact data.
To deliver optimised advertisements, Facebook only uses event data, if they have been combined with other data (that have been collected by Facebook in other ways). Facebook also uses event data for the purposes of security, protection, development and research. Many of these data are transmitted to Facebook via cookies. Cookies are little text files, that are used for storing data or information in browsers. Depending on the tools used, and on whether you are a Facebook member, a different number of cookies are placed in your browser. In the descriptions of the individual Facebook tools we will go into more detail on Facebook cookies. You can also find general information about the use of Facebook cookies at https://www.facebook.com/policies/cookies.
Facebook fundamentally stores data, until they are no longer of use for their own services and products. Facebook has servers for storing their data all around the world. However, customer data is cleared within 48 hours after they have been matched with their own user data.
In accordance with the General Data Protection Regulation (GDPR) you have the right of information, rectification, transfer and deletion of your data.
The collected data is only fully deleted, when you delete your entire Facebook account. Deleting your Facebook account works as follows:
1) Click on settings in the top right side in Facebook.
2) Then, click “Your Facebook information“ in the left column.
3) Now click on “Deactivation and deletion”.
4) Choose “Permanently delete account“ and then click on “Continue to account deletion“.
5) Enter your password, click on “continue“ and then on “Delete account“.
The retention of data Facebook receives via our site is done via cookies (e.g. with social plugins), among others. You can deactivate, clear or manage both all and individual cookies in your browser. How this can be done differs depending on the browser you use. The following instructions show, how to manage cookies in your browser:
Chrome: Clear, enable and manage cookies in Chrome
Safari: Manage cookies and website data in Safari
Firefox: Clear cookies and site data in Firefox
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete cookies in Microsoft Edge
If you generally do not want to allow any cookies at all, you can set up your browser to notify you whenever a cookie is about to be set. This gives you the opportunity to decide upon the permission or deletion of every single cookie.
Facebook is an active participant in the EU-U.S. Privacy Shield Framework, which regulates correct and secure transfer of personal data. You can find more information at https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC. We hope we could give you an understanding of the most important information about the use of Facebook tools and data processing. If you want to find out more on how Facebook use your data, we recommend reading the data policies at https://www.facebook.com/about/privacy/update.
INSTAGRAM PRIVACY POLICY
We have integrated functions of Instagram to our website. Instagram is a social media platform of the company Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Since 2012, Instagram is a subsidiary company of Facebook Inc. and is a part of Facebook’s products. The inclusion of Instagram’s contents on our website is called embedding. With this, we can show you Instagram contents such as buttons, photos or videos directly on our website. If you open websites of our online presence, that have an integrated Instagram function, data gets transmitted to, as well as stored and processed by Instagram. Instagram uses the same systems and technologies as Facebook. Therefore, your data will be processed across all Facebook firms.
In the following, we want to give you a more detailed insight on why Instagram collects data, what data these are and how you can control data processing. As Instagram belongs to Facebook Inc., we have, on the one hand received this information from the Instagram guidelines, and on the other hand from Facebook’s Data Policy.
Instagram is one of the most famous social media networks worldwide. Instagram combines the benefits of a blog with the benefits of audio-visual platforms such as YouTube or Vimeo. To “Insta“ (how the platform is casually called by many users) you can upload photos and short videos, edit them with different filters and also share them to other social networks. Also, if you do not want to be active on Instagram yourself, you can just follow other interesting users.
Instagram is a social media platform whose success has skyrocketed within recent years. Naturally, we have also reacted to this boom. We want you to feel as comfortable as possible on our website. Therefore, we attach great importance to diversified contents. With the embedded Instagram features we can enrich our content with helpful, funny or exciting Instagram contents. Since Instagram is a subsidiary company of Facebook, the collected data can also serve us for customised advertising on Facebook. Hence, only persons who are genuinely interested in our products or services can see our ads.
Instagram also uses the collected data for tracking and analysis purposes. We receive summarised statistics and therefore more insight to your wishes and interests. It is important to mention that these reports do not identify you personally.
Whenever you land on one of our sites, which have Instagram functions (i.e. Instagram photos or plugins) integrated to them, your browser automatically connects with Instagram’s servers. Thereby, data is sent to, as well as saved and processed by Instagram. This always happens, whether you have an Instagram account or not. Moreover, it includes information on our website, your computer, your purchases, the advertisements you see and on how you use our offer. The date and time of your interaction is also stored. If you have an Instagram account or are logged in, Instagram saves significantly more data on you.
Facebook distinguishes between customer data and event data. We assume this is also the case for Instagram. Customer data are for example names, addresses, phone numbers and IP addresses. These data are only transmitted to Instagram, if they have been “hashed” first. Thereby, a set of data is transformed into a string of characters, which encrypts any contact data. Moreover, the aforementioned “event data“ (data on your user behaviour) is transmitted as well. It is also possible, that contact data may get combined with event data. The collected data data is matched with any data Instagram already has on you.
Furthermore, the gathered data are transferred to Facebook via little text files (cookies) which usually get set in your browser. Depending on the Instagram function used, and whether you have an Instagram account yourself, the amount of data that gets stored varies.
We assume data processing on Instagram works the same way as on Facebook. Therefore, if you have an account on Instagram or have visited www.instagram.com, Instagram has set at least one cookie. If this is the case, your browser uses the cookie to send information to Instagram, as soon as you come across an Instagram function. No later than 90 days (after matching) the data is deleted or anonymised. Even though we have studied Instagram’s data processing in-depth, we cannot tell for sure what exact data Instagram collects and retains.
In the following we will show you a list of the least cookies placed in your browser when click on an Instagram function (e.g. button or an Insta picture). In our test we assume you do not have an Instagram account, since if you would be logged in to your Instagram account, your browser would place significantly more cookies.
The following cookies were used in our test:
Name: csrftoken
Value: “”
Purpose: This cookie is most likely set for security reasons to prevent falsifications of requests. We could not find out more information on it.
Expiry date: after one year
Name: mid
Value: “”
Purpose: Instagram places this cookie to optimise its own offers and services in- and outside of Instagram. The cookie allocates a unique user ID.
Expiry date: after end of session
Name: fbsr_111602686124024
Value: no information
Purpose: This cookie stores the login request of Instagram app users.
Expiry date: after end of session
Name: rur
Value: ATN
Purpose: This is an Instagram cookie which guarantees functionality on Instagram.
Expiry date: after end of session
Name: urlgen
Value: “{”194.96.75.33”: 1901}:1iEtYv:Y833k2_UjKvXgYe111602686”
Purpose: This cookie serves Instagram’s marketing purposes.
Expiry date: after end of session
Note: We do not claim this list to be exhaustive. The cookies that are placed in each individual case, depend on the functions embedded as well as on your use of Instagram.
How long and where are these data stored?
Instagram shares the information obtained within the Facebook businesses with external partners and persons you are globally connected with. Data processing is done according to Facebook’s internal data policy. Your data is distributed to Facebook’s servers across the world, partially for security reasons. Most of these servers are in the USA.
Thanks to the General Data Protection Regulation (GDPR), you have the right of information, rectification, transfer and deletion of your data. Furthermore, you can manage your data in Instagram’s settings. If you want to delete your data on Instagram completely, you will have to delete your Instagram account permanently.
And this is how an Instagram account can be deleted:
First, open the Instagram app. Then, navigate to your profile page, select the three bars in the top right, choose “Settings” and then click “Help”. Now, you will be redirected to the company’s website, where you must click on “Managing Your Account” and then “Delete Your Account”.
When you delete your account completely, Instagram deletes posts such as your photos and status updates. Any information other people shared about you are not a part of your account and do therefore not get deleted.
As mentioned before, Instagram primarily stores your data via cookies. You can manage, deactivate or delete these cookies in your browser. Depending on your browser, managing them varies a bit. We will show you the instructions of the most relevant browsers here.
Chrome: Clear, enable and manage cookies in Chrome
Safari: Manage cookies and website data in Safari
Firefox: Clear cookies and site data in Firefox
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete cookies in Microsoft Edge
Generally, you can set your browser to notify you whenever a cookie is about to be set. Then you can individually decide upon the permission of every cookie.
Instagram is a subsidiary company of Facebook Inc. and Facebook is an active participant in the EU-U.S. Privacy Shield Framework. This framework regulates correct transfer between the USA and the European Union. Athttps://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC you can find out more about this. We gave our best to make you familiar with the most important information on data processing by Instagram. At https://help.instagram.com/519522125107875 you can find out more on Instagram’s data policies.
PINTEREST PRIVACY POLICY
On our website we use buttons and widgets of the social media network Pinterest, by the company Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA.
By opening pages that use these functions, data (IP address, browser data, date and time, cookies) are transmitted to, and stored and evaluated by Pinterest.
The privacy guidelines on what information Pinterest collects and how they use it, can be found at https://policy.pinterest.com/en-gb/privacy-policy.
YOUTUBE PRIVACY POLICY
We have integrated YouTube videos to our website. Therefore, we can show you interesting videos directly on our site. YouTube is a video portal, which has been a subsidiary company of Google LLC since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page on our website that contains an embedded YouTube video, your browser automatically connects to the servers of YouTube or Google. Thereby, certain data are transferred (depending on the settings). Google is responsible for YouTube’s data processing and therefore Google’s data protection applies.
In the following we will explain in more detail which data is processed, why we have integrated YouTube videos and how you can manage or clear your data.
On YouTube, users can watch, rate, comment or upload videos for free. Over the past few years, YouTube has become one of the most important social media channels worldwide. For us to be able to display videos on our website, YouTube provides a code snippet that we have integrated to our website.
YouTube is the video platform with the most visitors and best content. We strive to offer you the best possible user experience on our website, which of course includes interesting videos. With the help of our embedded videos, we can provide you other helpful content in addition to our texts and images. Additionally, embedded videos make it easier for our website to be found on the Google search engine. Moreover, if we place ads via Google Ads, Google only shows these ads to people who are interested in our offers, thanks to the collected data.
What data is stored by YouTube?
As soon as you visit one of our pages with an integrated YouTube, YouTube places at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, by using cookies YouTube can usually associate your interactions on our website with your profile. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your Internet provider. Additional data can include contact details, potential ratings, shared content via social media or YouTube videos you added to your favourites.
If you are not logged in to a Google or YouTube account, Google stores data with a unique identifier linked to your device, browser or app. Thereby, e.g. your preferred language setting is maintained. However, many interaction data cannot be saved since less cookies are set.
In the following list we show you cookies that were placed in the browser during a test. On the one hand, we show cookies that were set without being logged into a YouTube account. On the other hand, we show you what cookies were placed while being logged in. We do not claim for this list to be exhaustive, as user data always depend on how you interact with YouTube.
Name: YSC
Value: b9-CV6ojI5Y111602686-1
Purpose: This cookie registers a unique ID to store statistics of the video that was viewed.
Expiry date: after end of session
Name: PREF
Value: f1=50000000
Purpose: This cookie also registers your unique ID. Google receives statistics via PREF on how you use YouTube videos on our website.
Expiry date: after 8 months
Name: GPS
Value: 1
Purpose: This cookie registers your unique ID on mobile devices to track GPS locations.
Expiry date: after 30 minutes
Name: VISITOR_INFO1_LIVE
Value: 95Chz8bagyU
Purpose: This cookie tries to estimate the user’s internet bandwith on our sites (that have built-in YouTube videos).
Expiry date: after 8 months
Further cookies that are placed when you are logged into your YouTube account:
Name: APISID
Value: zILlvClZSkqGsSwI/AU1aZI6HY7111602686-
Purpose: This cookie is used to create a profile on your interests. This data is then used for personalised advertisements.
Expiry date: after 2 years
Name: CONSENT
Value: YES+AT.de+20150628-20-0
Purpose: The cookie stores the status of a user’s consent to the use of various Google services. CONSENT also provides safety measures to protect users from unauthorised attacks.
Expiry date: after 19 years
Name: HSID
Value: AcRwpgUik9Dveht0I
Purpose: This cookie is used to create a profile on your interests. This data helps to display customised ads.
Expiry date: after 2 years
Name: LOGIN_INFO
Value: AFmmF2swRQIhALl6aL…
Purpose: This cookie stores information on your login data.
Expiry date: after 2 years
Name: SAPISID
Value: 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
Purpose: This cookie identifies your browser and device. It is used to create a profile on your interests.
Expiry date: after 2 years
Name: SID
Value: oQfNKjAsI111602686-
Purpose: This cookie stores your Google Account ID and your last login time, in a digitally signed and encrypted form.
Expiry date: after 2 years
Name: SIDCC
Value: AN0-TYuqub2JOcDTyL
Purpose: This cookie stores information on how you use the website and on what advertisements you may have seen before visiting our website.
Expiry date: after 3 months
How long and where is the data stored?
The data YouTube receive and process on you are stored on Google’s servers. Most of these servers are in America. At https://www.google.com/about/datacenters/inside/locations/?hl=en you can see where Google’s data centres are located. Your data is distributed across the servers. Therefore, the data can be retrieved quicker and is better protected against manipulation.
Google stores collected data for different periods of time. You can delete some data anytime, while other data are automatically deleted after a certain time, and still other data are stored by Google for a long time. Some data (such as elements on “My activity”, photos, documents or products) that are saved in your Google account are stored until you delete them. Moreover, you can delete some data associated with your device, browser, or app, even if you are not signed into a Google Account.
Generally, you can delete data manually in your Google account. Furthermore, in 2019 an automatic deletion of location and activity data was introduced. Depending on what you decide on, it deletes stored information either after 3 or 18 months.
Regardless of whether you have a Google account or not, you can set your browser to delete or deactivate cookies placed by Google. These settings vary depending on the browser you use. The following instructions will show how to manage cookies in your browser:
Chrome: Clear, enable and manage cookies in Chrome
Safari: Manage cookies and website data in Safari
Firefox: Clear cookies and site data in Firefox
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete cookies in Microsoft Edge
If you generally do not want to allow any cookies, you can set your browser to always notify you when a cookie is about to be set. This will enable you to decide to either allow or permit each individual cookie. Since YouTube is a subsidiary company of Google, Google’s privacy statement applies to both. If you want to learn more about how your data is handled, we recommend the privacy policy at https://policies.google.com/privacy?hl=en.
WOOCOMMERCE PRIVACY POLICY
We have integrated the open-source shop system WooCommerce to our website as a plugin. This WooCommerce plugin is based on the content management system WordPress, which is a subsidiary company of Automattic Inc. (60 29th Street #343, San Francisco, CA 94110, USA). Through the implemented functions, data are stored and sent to Automattic Inc where they are processed. In this privacy policy we want to inform you on what data this is, how the network uses this data and how you can manage or prevent data retention.
WooCommerce is an online shop system that has been part of the WordPress directory since 2011 and was specially developed for WordPress websites. It is a customisable, open source eCommerce platform that is based on WordPress. It has been integrated into our website as a WordPress plugin.
We use this practical online shop system, to be able to offer you our physical or digital products or services in the best possible way on our website. The aim is to give you easy and easy access to our offer, so that you can quickly and easily navigate to the products you want. With WooCommerce we have found a good plugin that meets our requirements for an online shop.
What data is stored by WooCommerce?
Information that you actively enter to a text field in our online shop can be collected and stored by WooCommerce or Automattic. Hence, if you register with us or order a product, Automattic may collect, process and save this data. In addition to email address, name or address, this can also be your credit card or billing information. Subsequently, Automattic can also use this information for their own marketing campaigns.
There is also evidence that Automattic automatically collects information on you in so-called server log files:
- IP-address
- Browser information
- Pre-set language settings
- Date and time of the web access
Moreover, WooCommerce sets cookies in your browser and uses technologies such as pixel tags (web beacons), to for example clearly identify you as a user and to be able to offer interest-based advertising. WooCommerce uses several different cookies, which are placed depending on the user action. This means that if you for example add a product to the shopping cart, a cookie is set so that the product remains in the shopping cart when you leave our website and come back later.
Below we want to show you an example list of possible cookies that may be set by WooCommerce:
Name: woocommerce_items_in_cart
Value: 1
Purpose:This cookie helps WooCommerce to determine when the contents of the shopping cart change.
Expiry date: after end of session
Name: woocommerce_cart_hash
Value: 447c84f810834056ab37cfe5ed27f204111602686-7
Purpose:This cookie is also used to recognise and save the changes in your shopping cart.
Expiry date: after end of session
Name: wp_woocommerce_session_d9e29d251cf8a108a6482d9fe2ef34b6
Value: 1146%7C%7C1589034207%7C%7C95f8053ce0cea135bbce671043e740111602686-4aa
Purpose:This cookie contains a unique identifier for you to allow the shopping cart data to be found in the database.
Expiry date: after 2 days
How long and where is the data stored?
Unless there is a legal obligation to keep data for a longer period, WooCommerce will delete your data if it is no longer needed for the purposes it was saved for. Server log files for example, the technical data for your browser and your IP address will be deleted after about 30 days. This is how long Automattic use the data to analyse the traffic on their own websites (for example all WordPress websites) and to fix possible problems. The data is stored on Automattic’s American servers.
How can I delete my data and prevent data retention?
You have the right to access your personal data anytime, as well as to object to it being used and processed. You can also lodge a complaint with a state supervisory authority anytime.
You can also manage, delete or deactivate cookies individually in your browser. However, please note that deactivated or deleted cookies may have a negative impact on the functions of our WooCommerce online shop. Depending on the browser you use, managing cookies differs slightly. Below you will find links to the instructions for the most common browsers:
Chrome: Clear, enable and manage cookies in Chrome
Safari: Manage cookies and website data in Safari
Firefox: Clear cookies and site data in Firefox
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete cookies in Microsoft Edge
Automattic is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal data. More information can be found at https://www.privacyshield.gov/participant?id=a2zt0000000CbqcAAC.
You can find more details on the privacy policy, as well as on which data is collected by WooCommerce in what way at https://automattic.com/privacy/ . Moreover, you can find general information on WooCommerce at https://woocommerce.com/.
KLARNA CHECKOUT PRIVACY POLICY
If you choose the payment method “Klarna Sofort” and click on “Order”, payment is processed by Klarna AB (publ )[https://www.klarna.com/de], Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter “Klarna”). To enable payment to be processed, your personal data (first and last name, street, house number, postcode, city, gender, e-mail address, telephone number and IP address) as well as data related to the order (e.g. B. Invoice amount, article, delivery type) is forwarded to Klarna for the purpose of identity and creditworthiness check, provided you have expressly consented to this in accordance with Art. 6 (1) point a GDPR within the ordering process. You can view to which credit agencies your data may be forwarded at: http://cdn.klarna.com/1.0/shared/content/legal/terms/Klarna/en_gb/checkout.
After successful payment you will land on our thank-you page. There the following cookie is set by sofort.com:
Name: SOFUEB
Value: e8cipp378mdscn9e17kajlfhv7111602686-4
Purpose: This cookie stores your session ID.
Expiry date: after ending the browser session
The credit report can contain probability values (so-called score values). If score values are included in the result of the credit report, they are based on recognized scientific, mathematical-statistical methods. The calculation of the score values includes, but is not limited to, address data. Klarna uses the information received on the statistical probability of non-payment for a balanced decision on the establishment, implementation or termination of the contractual relationship.
You can revoke your consent at any time by sending a message to the controller responsible for data processing or to Klarna. However, Klarna may still be entitled to process your personal data if this is necessary to process payments in accordance with the contract.
Your personal data will be treated in accordance with the applicable data protection regulations and in accordance with Klarna’s privacy policy regarding data subjects located in Germany https://cdn.klarna.com/1.0/shared/content/policy/data/de_en/data_protection.pdf
or regarding data subjects located in Austria https://cdn.klarna.com/1.0/shared/content/policy/data/de_at/data_protection.pdfAs soon as you choose
If you order a product or service from our shop, you must enter your personal data in the provided fields. Klarna processes this data for handling the payment. The following personal data (along with general product information) may be stored and processed by Klarna to check your creditworthiness and identity:
- Contact information: Name, date of birth, national ID number, title, invoice- und shipping address, email address, telephone number, nationality or salary.
- Payment information such as credit cards or your account number
- Product details such as shipment number, as well as type and price of the product
You can withdraw your consent for Klarna to process personal data anytime. Moreover, you always have the right for information, rectification, and deletion of your personal data. For this you must simply contact the company or its data protection team by email at privacy@klarna.co.uk. You can also contact them directly via “My Privacy Request” on Klarna’s website.
SOFORTÜBERWEISUNG PRIVACY POLICY
On our website we offer the payment method “Sofortüberweisung” from Sofort GmbH for cashless payment. Sofort GmbH has been part of the Swedish company Klarna since 2014, but is based in Germany, Theresienhöhe 12, 80339 Munich.
If you choose this payment method, your personal data will also be transmitted to Sofort GmbH or Klarna, where it will be stored and processed. In this privacy policy we will give you an overview of Sofort GmbH’s data processing.
Sofortüberweisung is an online payment system that enables you to place an order via online banking. The payment is processed by Sofort GmbH, while we immediately receive information about your payment. Anyone who has an active online banking account with a PIN and TAN can use this method. Only a few banks do not yet support this payment option.
It is our goal to offer you the best possible service with our website and our integrated online shop. Next to the overall experience of the website and offers, this also includes smooth, fast, and secure payment processing of your orders. To ensure this, we use “Sofortüberweisung” as a payment system.
If you make an immediate transfer via the Sofort/Klarna service, data such as your name, account number, sort code, payment reference, amount and date are stored on the company’s servers. We then also receive this information via the payment confirmation.
As part of the check for sufficient account coverage, Sofort GmbH reviews whether your account balance and overdraft can cover the payment amount. In some cases, it is also reviewed whether any instant transfers have been successfully carried out within the last 30 days. Furthermore, a shortened (“hashed”) form of your user identification (such as your signatory or contract number) as well as your IP address will be stored. For SEPA transfers your BIC and IBAN will also be stored.
According to Sofort GmbH, no other personal data (such as account balances, sales data, transaction limits, account lists, mobile phone numbers, authentication certificates, security codes or PIN/TAN) are collected, stored or passed on to third parties.
Sofortüberweisung also uses cookies to make our service more user-friendly. When you order a product, you will be redirected to the Sofort or Klarna website. After successful payment you will be redirected to our thank-you page. There, the following three cookies are placed:
Name: SOFUEB
Value: e8cipp378mdscn9e17kajlfhv7111602686-5
Purpose: This cookie stores your session ID.
Expiry date: after ending the browser session
Name: User[user_cookie_rules] Value: 1
Purpose: This cookie stores the status of your consent to the use of cookies.
Expiry date: after 10 years
Name: _ga
Value: GA1.2.69759879.1589470706
Purpose: Analytics.js uses the _ga cookie by default to store your user ID. Hence, it basically serves to differentiate between website visitors. It is a Google Analytics cookie.
Expiry date: after 2 years
Note: We do not claim for this cookie list to be exhaustive. Moreover, it is always possible that Sofortüberweisung may also use other cookies.
All gathered data are stored within the legal storage obligations. This obligation can last between three and ten years.
Klarna/Sofort GmbH try to only save data within the EU or the European Economic Area (EEA). If data is transferred outside the EU/EEA, data protection must comply with the GDPR. Also, the country the data is transferred to must be subject to the EU’s adequacy decision or have the US Privacy Shield certificate.
You can withdraw your consent for Klarna to process your personal data at any time. You also always have the right for information, rectification and deletion of your personal data. For this, you can simply email the company’s data protection team at privacy@klarna.co.uk.
In your browser, you can manage, delete, or deactivate Sofortüberweisung’s possible cookies. The settings vary a bit depending on what browser you use. The following instructions will show you how to manage cookies in the most common browsers:
Chrome: Clear, enable and manage cookies in Chrome
Safari: Manage cookies and website data in Safari
Firefox: Clear cookies and site data in Firefox
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete cookies in Microsoft Edge
If you want to know more about Sofort GMmbH’s data processing, we recommend the privacy policy at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/en_gb/privacy.
STRIPE PRIVACY POLICY
On our website we use a payment tool by Stripe, an American technology company and online payment service. Stripe Payments Europe (Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland) is responsible for customers within the EU. Therefore, if you choose Stripe as your payment method, your payment will be processed via Stripe Payments. Hence, the data required for the payment process is forwarded to Stripe where it is then stored. In this privacy policy we will give you an overview of Stripe’s data processing and retention. Moreover, we will explain why we use Stripe on our website.
The technology company Stripe offers payment solutions for online payments. Stripe enables us to accept credit and debit card payments in our webshop while it handles the entire payment process. A major advantage of Stripe is that you never have to leave our website or shop during the payment process. Moreover, payments are processed very quickly via Stripe.
We of course want to offer the best possible service with both our website and our integrated online shop. After all, we would like you to feel comfortable on our site and take advantage of our offers. We know that your time is valuable and therefore, payment processing in particular must work quickly and smoothly. In addition to our other payment providers, with Stripe we have found a partner that guarantees secure and fast payment processing.
If you choose Stripe as your payment method, your personal data (transaction data) will be transmitted to Stripe where it will be stored. These data include the payment method (i.e. credit card, debit card or account number), bank sort code, currency, as well as the amount and the payment date. During a transaction, your name, email address, billing or shipping address and sometimes your transaction history may also be transmitted. These data are necessary for authentication. Furthermore, Stripe may also collect relevant data for the purpose of fraud prevention, financial reporting and for providing its services in full. These data may include your name, address, telephone number as well as your country in addition to technical data about your device (such as your IP address).
Stripe does not sell any of your data to independent third parties, such as marketing agencies or other companies that have nothing to do with Stripe. However, data may be forwarded to internal departments, a limited number of Stripe’s external partners or for legal compliance reasons. What is more, Stripe uses cookies to collect data. Here is a selection of cookies that Stripe may set during the payment process:
Name: m
Value: edd716e9-d28b-46f7-8a55-e05f1779e84e040456111602686-5
Purpose: This cookie appears when you select your payment method. It saves and recognises whether you are accessing our website via a PC, tablet or smartphone.
Expiry date: after 2 years
Name: __stripe_mid
Value: fc30f52c-b006-4722-af61-a7419a5b8819875de9111602686-1
Purpose: This cookie is required for carrying out credit card transactions. For this purpose, the cookie stores your session ID.
Expiry date: after one year
Name: __stripe_sid
Value: 6fee719a-c67c-4ed2-b583-6a9a50895b122753fe
Purpose: This cookie also stores your ID. Stripe uses it for the payment process on our website.
Expiry date: after end of the session
How long and where are the data stored?
Generally, personal data are stored for the duration of the provided service. This means that the data will be stored until we terminate our cooperation with Stripe. However, in order to meet legal and official obligations, Stripe may also store personal data for longer than the duration of the provided service. Furthermore, since Stripe is a global company, your data may be stored in any of the countries Stripe offers its services in. Therefore, your data may be stored outside your country, such as in the USA for example.
How can I delete my data or prevent data retention?
Stripe is still a participant of the EU-U.S. Privacy Shield Framework which regulated correct and secure transfer of personal data until July 16, 2020. However, since the European Court of Justice declared the agreement to be invalid, the company no longer relies on this agreement, but still acts according to the principles of Privacy Shield.
You always reserve the right to information, correction and deletion of your personal data. Should you have any questions, you can contact the Stripe team at https://support.stripe.com/contact/email.
You can delete, deactivate or manage cookies in your browser that Stripe uses for its functions. This works differently depending on which browser you are using. Please note, however, that if you do so the payment process may no longer work. The following instructions will show you how to manage cookies in your browser:
Chrome: Clear, enable and manage cookies in Chrome
Safari: Manage cookies and website data in Safari
Firefox: Clear cookies and site data in Firefox
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete cookies in Microsoft Edge
We have now given you a general overview of Stripe’s data processing and retention. If you want more information, Stripe’s detailed privacy policy at https://stripe.com/at/privacy is a good source.
Source: Created with the Datenschutz Generator by AdSimple® Blog Marketing in cooperation with bauguide.at
No products in the cart.