Data protection declaration
Unless stated otherwise below, the provision of your personal data is neither legally nor contractually obligatory, nor required for conclusion of a contract. You are not obliged to provide your data. Not providing it will have no consequences. This only applies as long as the processing procedures below do not state otherwise.
“Personal data” is any information relating to an identified or identifiable natural person.
Server log files
You can use our websites without submitting personal data. Every time you access our website, user data is transmitted by your internet browser and stored in protocol files (server log files). This stored data includes e.g. name of the site called up, date and time of the request, amount of data transferred and the provider making the request. This data serves exclusively to ensure smooth operation of our website and to improve our offering. It is not possible to assign this data to a particular person.
When you open a customer account, we will collect your personal data in the scope given there. The data processing is for the purpose of improving your shopping experience and simplifying order processing. The processing will be carried out on the basis of art. 6 (1) lit. a GDPR with your consent. You can withdraw your consent at any time by contacting us without affecting the legality of the processing carried out with your consent up to the withdrawal. Your customer account will then be deleted.
Collection, processing, and use of personal data in orders
When you submit an order, we only collect and use your personal data where this is necessary for the fulfilment and handling of your requests. The provision of data is necessary for conclusion of a contract. Failure to provide it will prevent the conclusion of any contract. The processing will occur on the basis of art. 6 (1) lit. b GDPR and is required for the fulfilment of a contract with you. We will not forward your data to third parties without your explicit consent. This only excludes our service partners which we require in order to handle the contractual relationship or service providers we use to process an order. Along with the recipients named in the clauses of this data protection declaration, these may be recipients in the following categories: Shipping providers, payment service providers, merchandise management service providers, service providers for order processing, web hosts, IT service providers and dropshipping dealers. We will comply strictly with legal requirements in every case. The scope of data transmission is restricted to a minimum.
Use of an external merchandise management system
We use a merchandise management system in the course of order processing for the purposes of contractual processing. For this purpose your personal data as collected in the course of the order will be sent to
JTL-Software-GmbH, Rheinstr. 7, 41836 Hückelhoven, Germany
Data collection and processing when paying by credit card, direct debit and invoice via secupay AG
We have integrated the components secupay.Lastschrift (direct debit), secupay.Rechnungskauf (payment by invoice) and secupay.Kreditkarte (credit card) by secupay AG (Goethstr. 6, 01896 Pulsnitz; “secupay”) into our website. secupay is a payment institute in the sense of the Zahlungsdiensteaufsichtsgesetz (Payment Services Supervision Act - ZAG) registered with the Federal Financial Supervisory Authority (Graurheindorfer Str. 108, 53117 Bonn; “BaFin” (register number: 126737) and facilitates cashless payment for products and services online. secupay forms a procedure allowing the claim for the purchase price to be assigned to secupay. This allows a retailer to deliver goods, services or downloads to the customer immediately after the order is placed. If you choose “direct debit”, “payment by invoice” or “credit card” via secupay when ordering from us, your data will automatically be transmitted to secupay. By choosing one of these payment options you agree to transmission of your personal data as necessary for handling the payment. When handling the purchase via secupay, your payment method data is transmitted to secupay. secupay then carries out a technical check on the risk of payment default. The online retailer is then automatically notified that the financial transaction has been carried out. The personal data exchanged with secupay includes first name, last name, address, email address, IP address, phone number and other data which is required for handling the payment. Data is transmitted in order to process your payment and prevent fraud. We will also transmit other personal data to secupay if there is a justified interest in doing so. The personal data exchanged between us and secupay may be transmitted by secupay to credit agencies. This transmission is for the purpose of identity and credit checking. secupay may forward the personal data to affiliated companies and service providers or subcontractors where this is necessary for the fulfilment of contractual obligations or the data is to be processed on its behalf. You have the option of withdrawing your consent for secupay to handle your data at any time. Withdrawal will not affect personal data which have to be processed, used or transmitted for (contractually compliant) payment processing. secupay’s applicable data protection provisions can be found at https://www.secupay.com/en/privacy-policy.
All PayPal transaction are covered by the PayPal Data Privacy Statement. You can found this at https://www.paypal.com/de/webapps/mpp/ua/privacy-prev?locale.x=en_GB
Processing is carried out on the basis of § 15 (3) TMG (Telemedia Act) as well as art. 6 (1) lit. f GDPR due to our justified interest in the purposes above.
Using the links below, you can find out how to manage cookies (or deactivate them, among other things) in major browsers:
Use of Matomo
Our website uses the analysis tool Matomo by InnoCraft Ltd. (150 Willis St, 6011 Wellington, New Zealand; “Matomo”).
The processing of data serves to analyse this website and its visitors. Data is collected and saved for marketing and optimisation purposes. A usage profile can be generated from this data under a pseudonym. Cookies may be deployed for this purpose. Cookies facilitate recognition of your internet browser. The data collected with Matomo technologies will not be used to identify the website user personally in future or combined with personal data on the bearer of the pseudonym without the separately issued consent of the affected party. Processing is carried out on the basis of art. 6 (1) lit. f GDPR due to our justified interest in needs-based and targeted design of the website. You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR by contacting us, for reasons relating to your personal situation. Approval for data collection and storage can be withdrawn at any time with future effect.
Duration of storage
After contractual processing has been completed, the data is initially stored for the duration of the warranty period, then in accordance with the retention periods prescribed by law, especially tax and commercial law, and then deleted after the period has elapsed, unless you have agreed to further processing and use.
Rights of the affected person
If the legal requirements are fulfilled, you have the following rights according to art. 15 to 20 GDPR: Right to information, correction, deletion, restriction of processing, data portability. You also have a right of objection against processing based on art. 6 (1) GDPR, and to processing for the purposes of direct marketing, according to art. 21 (1) GDPR.
Contact us at any time. Our contact details can be found in our imprint.
You can contact our data protection officers directly at: email@example.com
Right to complain to the regulatory authority
You have the right to complain to the regulatory authority according to art. 77 GDPR if you believe that your data is not being processed legally.
last update: 25.04.2018