Privacy policy

misfit b. shopping

1) Information on the collection of personal data and contact details of the person responsible. 1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data in this context is all data with which you can be personally identified. 1.2 The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is OTAN MEDIA GmbH, Fännergasse 2, 1210 Vienna, Austria, e-mail:shop@misfit.shopping. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data. 1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or requests to the controller). You can recognize an encrypted connection by the string "https://" and the lock symbol in your browser line. 2) Data collection when visiting our website During the mere informational use of our website, i.e. if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you: - Our visited website - Date and time at the time of access - Amount of data sent in bytes - Source/reference from which you reached the page - Browser used - Operating system used - IP address used (if applicable: in anonymized form) The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively should concrete indications point to illegal use. 3) Hosting Hosting by Shopify We use the store system of the service provider Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"), for the purpose of hosting and displaying the online store on the basis of processing on our behalf. All data collected on our website is processed on Shopify's servers. As part of Shopify's aforementioned services, data may also be transferred to Shopify Inc, 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc, Shopify Payments (USA) Inc or Shopify (USA) Inc as part of further processing on our behalf. In the event that data is transferred to Shopify Inc. in Canada, the appropriate level of data protection is guaranteed by adequacy decision of the European Commission. For further information on Shopify's data protection, please visit the following website: https://www.shopify.de/legal/datenschutz. Further processing on servers other than the aforementioned of Shopify will only take place within the framework communicated below. 4) Cookies In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your terminal device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your end device and allow your browser to be recognized the next time you visit (so-called persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values to an individual extent. Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie. The duration of the respective cookie storage can be found in the overview of the cookie settings of your web browser. In some cases, the cookies are used to simplify the ordering process by storing settings (e.g. remembering the contents of a virtual shopping cart for a later visit to the website). Insofar as personal data is also processed by individual cookies used by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b DSGVO either for the performance of the contract, in accordance with Art. 6 para. 1 lit. a DSGVO in the case of consent given, or in accordance with Art. 6 para. 1 lit. f DSGVO to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the site visit. Please note that you can set your browser in such a way that you are informed about the setting of cookies and can decide individually about their acceptance or can exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find this for each browser at the following links: Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac Opera: https://help.opera.com/de/latest/web-preferences/#cookies Please note that if you do not accept cookies, the functionality of our website may be limited. 5) Contacting us In the context of contacting us (e.g. via contact form or e-mail), personal data is collected. Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in responding to your request in accordance with Art. 6 (1) lit. f DSGVO. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO. Your data will be deleted after final processing of your request. This is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary. 6) Data processing when opening a customer account and for contract processing Pursuant to Art. 6 (1) lit. b DSGVO, personal data will continue to be collected and processed if you provide it to us for the purpose of executing a contract or opening a customer account. Which data is collected can be seen from the respective input forms. Deletion of your customer account is possible at any time and can be done by sending a message to the above address of the person responsible. We store and use the data provided by you for the purpose of processing the contract. After complete execution of the contract or deletion of your customer account, your data will be blocked with regard to tax and commercial law retention periods and deleted after expiration of these periods, unless you have expressly consented to a further use of your data or a legally permitted further use of data was reserved by our side. 7) Use of customer data for direct marketing purposes 7.1 Registration for our e-mail newsletter If you register for our e-mail newsletter, we will send you regular information about our offers. Mandatory data for sending the newsletter is only your e-mail address. The provision of further data is voluntary and will be used to address you personally. For sending the newsletter we use the so-called double opt-in procedure. This means that we will only send you an e-mail newsletter after you have expressly confirmed that you consent to receiving newsletters. We will then send you a confirmation e-mail asking you to confirm that you wish to receive the newsletter in the future by clicking on an appropriate link. By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Art. 6 (1) lit. a DSGVO. When you register for the newsletter, we store your IP address entered by your Internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data collected by us when you register for the newsletter is used exclusively for the purpose of addressing you in an advertising manner by way of the newsletter. You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending a corresponding message to the person responsible mentioned at the beginning. After unsubscribing, your e-mail address will be deleted from our newsletter distribution list immediately, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration. 7.2 Sending the e-mail newsletter to existing customers If you have provided us with your e-mail address when purchasing goods or services, we reserve the right to regularly send you e-mail offers for similar goods or services to those already purchased from our range. In accordance with Section 7 (3) of the German Unfair Competition Act (UWG), we do not need to obtain your separate consent for this. In this respect, the data processing is carried out solely on the basis of our legitimate interest in personalized direct advertising in accordance with Art. 6 Para. 1 lit. f DSGVO. If you have initially objected to the use of your e-mail address for this purpose, no e-mails will be sent by us. You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by notifying the responsible person named at the beginning. For this, you will only incur transmission costs according to the prime rates. After receipt of your objection, the use of your e-mail address for advertising purposes will cease immediately. 7.3 Newsletter dispatch via Shopify Email Our email newsletters are sent via Shopify Email, a service of Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"), to which we pass on your data provided during the newsletter registration. This transfer takes place in accordance with Art. 6 (1) lit. f DSGVO and serves our legitimate interest in using an effective advertising, secure and user-friendly newsletter system. The data entered by you for the purpose of receiving newsletters (e.g. email address) is generally stored on Shopify's servers in the EU. As part of Shopify's aforementioned services, data may also be transmitted to Shopify Inc, 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc, Shopify Payments (USA) Inc or Shopify (USA) Inc as part of further processing on behalf of Shopify. In the case of transfer of data to Shopify Inc. in Canada, the adequate level of data protection is guaranteed by adequacy decision of the European Commission. Shopify uses this information to send and statistically evaluate the newsletters on our behalf. For the evaluation, the emails sent may contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked. In addition, technical information is recorded (e.g. time of retrieval, IP address, browser type and operating system). The data is collected exclusively pseudonymously and is not linked to your other personal data, a direct personal reference is excluded. This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. If you wish to object to the data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter. Furthermore, Shopify may use this data itself in accordance with Art. 6 (1) lit. f DSGVO due to its own legitimate interest in designing and optimizing the service in line with demand, as well as for market research purposes, for example to determine which countries the recipients come from. However, Shopify does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties. We have entered into an order processing agreement with Shopify, which obliges Shopify to protect our customers' data and not to pass it on to third parties. You can view Shopify's privacy policy here: https://www.shopify.de/legal/datenschutz 8) Data processing for order processing 8.1 In order to process your order, we work together with the service provider(s) listed below, who support us in whole or in part in the execution of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information. The personal data collected by us will be passed on to the transport company commissioned with the delivery as part of the contract processing, insofar as this is necessary for the delivery of the goods. We pass on your payment data to the commissioned credit institution within the framework of payment processing, insofar as this is necessary for payment processing. If payment service providers are used, we will inform you explicitly about this below. The legal basis for the transfer of data is Art. 6 (1) lit. b DSGVO. 8.2 To fulfill our contractual obligations to our customers, we work with external shipping partners. We pass on your name as well as your delivery address and, if necessary for the delivery, your telephone number to a shipping partner selected by us exclusively for the purposes of the delivery of goods Art. 6 para. 1 lit. b DSGVO. 8.3 Use of special service providers for order processing and handling - Fiverr Order processing is carried out via the "Fiverr" service of Fiverr International Ltd, Eliezer Kaplan St. 8, Tel Aviv-Yafo, Israel ("Fiverr"). Name, address and, if applicable, other personal data (depending on the offer, in particular photographs of identifiable persons transmitted to us) are passed on to Fiverr in accordance with Art. 6 para. 1 lit. b DSGVO exclusively for the purpose of processing the online order. To the extent necessary, Fiverr will engage freelancers for the processing of the contract and pass on the above-mentioned data to them to the extent necessary. To protect the data and to ensure data security, Fiverr has concluded individual order data processing contracts with all contracted freelancers. For Israel, the European Commission has issued an adequacy decision, which certifies that Israel has a level of data protection comparable to the EU. Details on data protection and Fiverr's privacy policy can be viewed at: https://de.fiverr.com/privacy-policy?source=footer - Oberlo Order processing is carried out via the dropshipping tool "Oberlo", a service of Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland. Name, address and, if applicable, other personal data will be passed on to the respective shipping partner/supplier in accordance with Art. 6 (1) lit. b DSGVO exclusively for the purpose of delivering goods via Oberlo on our behalf. Your data will only be passed on to the extent that this is actually necessary for the processing of the order. We have concluded an order processing contract with Oberlo, with which we oblige Oberlo to protect our customers' data and not to pass it on to third parties. If you are interested, this contract can be viewed at the following Internet address: https://www.oberlo.de/oberlo-data-processing-addendum. - Printful Order processing is handled by the service provider "Printful" of Printful,Inc. 11025 Westlake Drive, Charlotte, NC28273, USA. Name, address and, if applicable, other personal data will be passed on to Printful in accordance with Art. 6 Para. 1 lit. b DSGVO exclusively for the purpose of processing the online order. Your data will only be passed on to the extent that this is actually necessary for the processing of the order. Details on Printful's data protection and the privacy policy of Printful, Inc. can be viewed at https://www.printful.com/policies/privacy. - Shopify Digital Download Order processing is carried out via the "Digital Downloads" service of Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"). Mail address and, if applicable, first name and surname of the customer are passed on to Shopify in accordance with Art. 6 para. 1 lit. b DSGVO exclusively for the processing of online orders. Your data will only be passed on to the extent that this is actually necessary for the processing of the order. Details on data protection and Shopify's privacy policy are available on the website at https://www.shopify.de/legal/datenschutz. - Shopify Order Printer For the accounting and logistical organization of orders, we use the "Order Printer" service of Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"), for the automated creation of invoices, receipts, shipping labels and other business documents. If personal order data is processed via the service for the preparation of these documents, the processing is carried out in accordance with Art. 6 (1) lit. b DSGVO exclusively for the proper processing of online orders. 8.4 Use of payment service providers (payment services) - Apple Pay If you opt for the "Apple Pay" payment method of Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, the payment processing is carried out via the "Apple Pay" function of your end device running iOS, watchOS or macOS by charging a payment card deposited with "Apple Pay". Apple Pay uses security functions integrated into the hardware and software of your device to protect your transactions. For the release of a payment, the entry of a code previously defined by you as well as the verification by means of the "Face ID" or "Touch ID" function of your terminal device is therefore required. For the purpose of payment processing, the information you provide during the ordering process, together with information about your order, is passed on to Apple in encrypted form. Apple then encrypts this data again with a developer-specific key before the data is transmitted to the payment service provider of the payment card stored in Apple Pay to carry out the payment. The encryption ensures that only the website through which the purchase was made can access the payment data. After the payment has been made, Apple sends your device account number and a transaction-specific, dynamic security code to the source website to confirm the success of the payment. If personal data is processed during the described transmissions, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 (1) lit. b DSGVO. Apple retains anonymized transaction data, including the approximate purchase amount, the approximate date and time, and whether the transaction was completed successfully. The anonymization completely eliminates any reference to individuals. Apple uses the anonymized data to improve Apple Pay and other Apple products and services. When you use Apple Pay on iPhone or Apple Watch to complete a purchase made through Safari on Mac, the Mac and the authorization device communicate over an encrypted channel on Apple's servers. Apple does not process or store any of this information in a format that can identify you personally. You can disable the ability to use Apple Pay on your Mac in your iPhone settings. Go to "Wallet & Apple Pay," and uncheck "Allow payments on Mac." For more information about Apple Pay privacy, please visit the following web address: https://support.apple.com/de-de/HT203027 - Klarna If you select a Klarna payment service, payment processing will be carried out by Klarna Bank AB (publ) [https://www.klarna.com/de], Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter "Klarna"). In order to enable the processing of the payment, your personal data (first and last name, street, house number, postal code, city, gender, e-mail address, telephone number and IP address) as well as data related to the order (e.g. invoice amount, article, delivery type) will be forwarded to Klarna for the purpose of identity and credit checks, provided that you have expressly consented to this in accordance with Art. 6 para. 1 lit. a DSGVO during the ordering process. You can see which credit agencies your data may be forwarded to here: https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies The credit report may contain probability values (so-called score values). If score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. Klarna uses the information obtained about the statistical probability of non-payment for a weighed decision on the establishment, implementation or termination of the contractual relationship. You can revoke your consent at any time by sending a message to the data controller or to Klarna. However, Klarna remains entitled to process your personal data, if applicable, insofar as this is necessary for the processing of payments in accordance with the contract. Your personal data will be processed in accordance with the applicable data protection regulations and as specified in Klarna's Privacy Policy for Data Subjects located in Germany https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy or for data subjects based in Austria https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy handled. - Paypal When paying via PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal, we pass on your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. The transfer takes place in accordance with Art. 6 para. 1 lit. b DSGVO and only insofar as this is necessary for the payment processing. PayPal reserves the right to conduct a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of PayPal's legitimate interest in determining your solvency. PayPal uses the result of the credit check in terms of the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The creditworthiness information may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. For further information on data protection law, including information on the credit agencies used, please refer to PayPal's data protection declaration: https://www.paypal.com/de/webapps/mpp/ua/privacy-full. You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual processing of payments. - Shopify Payments We use the payment service provider "Shopify Payments", 3rd Floor, Europa House, Harcourt Building, Harcourt Street, Dublin 2. If you choose a payment method offered via the payment service provider Shopify Payments, payment processing is carried out via the technical service provider Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we pass on your information provided during the ordering process together with information about your order (name, address, account number, bank code, credit card number if applicable, invoice amount, currency and transaction number) in accordance with Art. 6 (1) lit. b DSGVO. Your data will only be passed on for the purpose of payment processing with Stripe Payments Europe Ltd. and only insofar as it is necessary for this purpose. You can find more information on the data protection of Shopify Payments at the following Internet address: https://www.shopify.com/legal/privacy. Data protection information on Stripe Payments Europe Ltd. can be found here: https://stripe.com/de/privacy

https://www.google.de/intl/de/policies/privacy. Insofar as legally required, we have obtained your consent pursuant to Art. 6 (1) lit. a DSGVO for the processing of your data as described above. You can revoke your consent at any time with effect for the future. To exercise your revocation, deactivate this service in the "Cookie Consent Tool" provided on the website. 11) Online marketing Facebook Pixel for the creation of Custom Audiences with extended data matching (with Cookie-Consent-Tool). Within our online offer, the so-called "Facebook Pixel" of the social network Facebook is used in the mode of extended data matching, which is operated by Facebook Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland ("Facebook"). Based on his explicit consent, when a user clicks on an advertisement played on Facebook and placed by us, an addition is added to the URL of our linked page by Facebook Pixel. Then, after redirection, this URL parameter is inscribed in the user's browser via a cookie that our linked page sets itself. In addition, this cookie collects specific customer data, such as the mail address, which we collect on our website linked to the Facebook ad during transactions such as purchase transactions, account logins or registrations (extended data matching). The cookie is then read by Facebook Pixel and allows the data, including specific customer data, to be forwarded to Facebook. With the help of the Facebook Pixel with extended data matching, it is possible for Facebook, on the one hand, to precisely determine the visitors to our online offer as a target group for the display of advertisements (so-called "Facebook Ads"). Accordingly, we use the Facebook pixel with advanced data matching to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited), which we transmit to Facebook (so-called "Custom Audiences"). With the help of the Facebook pixel with advanced data matching, we also want to ensure that our Facebook ads correspond to the potential interest of users and do not have a harassing effect. This allows us to further evaluate the effectiveness of the Facebook ads for statistical and market research purposes by tracking whether users were redirected to our website after clicking on a Facebook ad (so-called "conversion"). Compared to the standard variant of Facebook Pixel, the extended data matching feature helps us to better measure the effectiveness of our advertising campaigns by capturing more attributed conversions. All submitted data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with Facebook's data usage policy (https://www.facebook.com/about/privacy/). The data may enable Facebook and its partners to place advertisements on and off Facebook. These processing operations are carried out exclusively upon the granting of explicit consent in accordance with Art. 6 (1) a DSGVO. Consent to the use of the Facebook Pixel may only be declared by users older than 16 years of age. If you are younger, we ask you to ask your legal guardians for permission. The information generated by Facebook is usually transmitted to a Facebook server and stored there; this may also involve transmission to the servers of Facebook Inc. in the USA. You can revoke your consent at any time with effect for the future. To exercise your revocation, remove the check mark next to the setting for the "Facebook Pixel" in the "Cookie Consent Tool" embedded on the website. 12) Web analytics services Google (Universal) Analytics This website uses Google (Universal) Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). Google (Universal) Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. This website uses Google (Universal) Analytics exclusively with the extension "_anonymizeIp()", which ensures an anonymization of the IP address by shortening and excludes a direct personal reference. Through the extension, your IP address is shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google LLC.server in the USA and shortened there. On our behalf, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage. In this context, the IP address transmitted by your browser as part of Google (Universal) Analytics will not be merged with other Google data. Google Analytics also enables the creation of statistics with statements about the age, gender and interests of site visitors on the basis of an evaluation of interest-based advertising and with the involvement of third-party information via a special function, the so-called "demographic characteristics". This allows the definition and differentiation of user groups of the website for the purpose of targeting marketing measures. However, data records collected via the "demographic characteristics" cannot be assigned to a specific person. All processing described above, in particular the setting of Google Analytics cookies for reading out information on the end device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 (1) lit. a DSGVO. Without this consent, Google Analytics will not be used during your visit to the site. You can revoke your consent at any time with effect for the future. To exercise your revocation, please deactivate this service in the "Cookie Consent Tool" provided on the website. We have concluded an order processing agreement with Google for the use of Google Analytics, which obliges Google to protect the data of our site visitors and not to pass it on to third parties. For the transfer of data from the EU to the USA, Google refers to so-called standard data protection clauses of the European Commission, which are intended to ensure compliance with the European level of data protection in the USA. Further information on Google (Universal) Analytics can be found here: https://policies.google.com/privacy?hl=de&gl=de 13) Use of a live chat system Own live chat system On this website, for the purpose of operating a live chat system that serves to answer live inquiries, your communicated chat name and your communicated chat content are collected as data and stored for the course of the chat. The chat and your provided chat name are stored exclusively in the so-called RAM (Random-Access Memory) and are deleted immediately as soon as we or you have ended the chat conversation, but no later than 2 hours after the last message in the chat history. Cookies are used to operate the chat function. Cookies are small text files that are stored locally in the cache of the site visitor's Internet browser. The cookies make it possible to recognize the Internet browser of the site visitor in order to distinguish between individual users of the chat function of our website. If the information collected in this way has a personal reference, the processing is carried out in accordance with Art. 6 (1) lit. f DSGVO on the basis of our legitimate interest in effective customer service and the statistical analysis of user behavior for optimization purposes. In order to avoid the storage of cookies, you can set your internet browser so that no cookies can be stored on your computer in the future or so that cookies that have already been stored are deleted. However, switching off all cookies may mean that the chat function on our website can no longer be executed. Shopify Chat For customer support purposes, this website uses the Shopify Chat live chat system, a service provided by Shopify Inc, 150 Elgin St, Ottawa, ON K2P 1L4, Canada ("Shopify"). For the purpose of responding to live support requests, Shopify collects and stores anonymized user data. From this anonymized data, usage profiles can be created under a pseudonym. Cookies may be used for this purpose. Cookies are small text files that are stored locally in the cache of the site visitor's Internet browser. The cookies enable the recognition of the Internet browser. If the information collected in this way has a personal reference, the processing is carried out in accordance with Art. 6 (1) lit. f DSGVO on the basis of our legitimate interest in effective customer service and the statistical analysis of user behavior for optimization purposes. The data collected using Shopify technologies will not be used to personally identify the visitor to this website without the separately granted consent of the data subject and will not be merged with personal data about the bearer of the pseudonym. In order to avoid the storage of Shopify cookies, you can set your Internet browser so that no cookies can be stored on your computer in the future or so that cookies that have already been stored are deleted. However, switching off all cookies may mean that some functions on our Internet pages can no longer be executed. You can object to the collection and storage of data for the purpose of creating a pseudonymized user profile at any time with future effect by sending us your objection informally by e-mail to the e-mail address given in the imprint. In the case of data transfers to Shopify Inc. in Canada, the appropriate level of data protection is guaranteed by adequacy decision of the European Commission. 14) Tools and miscellaneous 14.1 - Adobe Fonts (Typekit) This site uses so-called web fonts provided by Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA ("Adobe") for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to Adobe's servers. This may also involve the transmission of personal data to Adobe's servers in the United States. In this way, Adobe obtains knowledge that our website was accessed via your IP address. Adobe Fonts are used in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO. If your browser does not support web fonts, a standard font is used by your computer. For more information about Adobe Fonts, please visit https://fonts.adobe.com/ and read Adobe's privacy policy: https://www.adobe.com/de/privacy.html - FontAwesome This site uses so-called web fonts from "FontAwesome", a service of Fonticons, Inc, 710 Blackhorn Dr, Carl Junction, 64834, MO, USA ("FontAwesome"), for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to FontAwesome's servers. This may also result in the transmission of personal data to FontAwesome's servers in the USA. In this way, FontAwesome obtains knowledge that our website was accessed via your IP address. The use of FontAwesome fonts is in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. If your browser does not support web fonts, a standard font from your computer will be used. For more information on FontAwesome, please visit: https://fontawesome.com/privacy - Google Web Fonts This site uses so-called web fonts provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google") for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to Google's servers. This may also result in the transmission of personal data to the servers of Google LLC. in the USA. In this way, Google obtains knowledge that our website was accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO. If your browser does not support web fonts, a standard font will be used by your computer. You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/. - Monotype Web Fonts This site uses so-called Web Fonts, which are provided by Monotype Imaging Holdings Inc., a Delaware corporation with its principal offices at 600 Unicorn Park Drive, Woburn, Massachusetts 01801 USA, for the uniform display of fonts. When you access a page, your browser loads the required web fonts into your browser cache in order to display text and fonts correctly. For this purpose, the browser you are using must connect to Monotype's servers. This enables Monotype to know that your IP address has been used to access our website. The use of Monotype Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO. If your browser does not support web fonts, a standard font will be used by your computer. For more information on Monotype Web Fonts, please visit https://www.fonts.com/info/legal and see Monotype's privacy policy: https://www.fonts.com/info/legal/privacy 14.2 Google reCAPTCHA On this website, we also use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). This function is primarily used to distinguish whether an input is made by a natural person or is abused by machine and automated processing. The service includes the sending of the IP address and possibly other data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 (1) lit. f DSGVO on the basis of our legitimate interest in determining individual ownership on the Internet and the prevention of abuse and spam. The use of Google reCAPTCHA may also involve the transmission of personal data to the servers of Google LLC. in the USA. Further information on Google reCAPTCHA as well as Google's privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/. Insofar as legally required, we have obtained your consent for the processing of your data as described above in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future. To exercise your revocation, please follow the option described above for making an objection. 14.3 Shopsync for Shopify This website uses the Shopify app "Shopsync" by ShopSync LLC, PO Box 252, Jefferson City, TN 37760, USA. With the help of ShopSync, the newsletter service "Mailchimp" is synchronized with our Shopify account in such a way that, on the one hand, updates in Mailchimp email lists (such as a newsletter recipient opting out) are also automatically stored on Shopify and, on the other hand, new contact data generated via contract conclusions on Shopify are automatically transferred to the Mailchimp email lists. In the former case, data processing is carried out pursuant to Art. 6 (1) lit. f DSGVO on the basis of our legitimate interest in the effective and cross-system maintenance of the files of advertising addressees and the efficient observance of legally significant status changes. In the second case, exclusively on the basis of the user's express consent pursuant to Art. 6 (1) a DSGVO, after a contract has been concluded on Shopify for inclusion in the Mailchimp list, the user's first and last name, address and mail address together with transaction-related information (purchase amount, time and date of purchase) are transferred by ShopSync to Mailchimp. Data transferred in this way is not stored or retained by ShopSync after synchronization. All information synced between Shopify and Mailchimp is transmitted using Secure Socket Layer (SSL) technology, and all transmitted information remains encrypted during the sync process. The synchronization process requires the transfer of information over a secure connection to servers hosted by Amazon Web Services in the United States. Additional privacy notices regarding ShopSync can be found here: https://shopsync.io/privacy-policy 14.4 - Jitsi Meet We use the "Jitsi Meet" service of 8×8, Inc, 675 Creekside Way, Campbell, California 95008, USA (hereinafter "Jitsi Meet") to conduct online meetings, video conferences and/or webinars. In case of using Jitsi Meet, different data are processed. Here, the scope of the processed data depends on which data you provide before or during participation in an online meeting or a video conference or a webinar. In the course of using Jitsi Meet, data of the communication participants is processed and stored. This data may include, in particular, your login data (name, email address, phone (optional) and password) and meeting data (topic, participant IP address, device information, description (optional)). In addition, visual and auditory contributions of the participants, as well as voice input in chats may be processed. When processing personal data that is necessary for the performance of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 (1) lit. b DSGVO serves as the legal basis. If you have given us your consent for the processing of your data, the processing is based on Art. 6 (1) a DSGVO. Consent given can be revoked at any time with effect for the future. Otherwise, the legal basis for data processing when conducting online meetings, video conferences or webinars is our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO in the effective conduct of the online meeting, webinar or video conference. For more information on data usage by Jitsi Meet, please visit https://jitsi.org/meet-jit-si-privacy/. - Microsoft Teams We use the service "Microsoft Teams " of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA (hereinafter "Microsoft Teams") to conduct online meetings, video conferences and/or webinars. In case of using Microsoft Teams, different data are processed. Here, the scope of the processed data depends on the data you provide before or during participation in an online meeting or video conference or webinar. In the context of using Microsoft Teams, data of the communication participants is processed and stored on Microsoft Teams servers. This data may include, in particular, your login data (name, email address, phone (optional) and password) and meeting data (topic, participant IP address, device information, description (optional)). In addition, visual and auditory contributions of the participants, as well as voice input in chats may be processed. When processing personal data that is necessary for the performance of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 (1) lit. b DSGVO serves as the legal basis. If you have given us your consent for the processing of your data, the processing is based on Art. 6 (1) a DSGVO. Consent given can be revoked at any time with effect for the future. Otherwise, the legal basis for data processing when conducting online meetings, videoconferences or webinars is our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO in the effective conduct of the online meeting, webinar or videoconference. For more information on data usage by Microsoft Teams, please see the Microsoft Teams privacy policy at https://privacy.microsoft.com/de-de/privacystatement. - Zoom We use the service "Zoom" of Zoom Video Communications Inc, 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA (hereinafter "Zoom") to conduct online meetings, video conferences and/or webinars. In the case of the use of Zoom, different data are processed. Here, the scope of the processed data depends on the data you provide before or during participation in an online meeting or video conference or webinar. In the course of using Zoom, data of communication participants is processed and stored on Zoom servers. This data may include, in particular, your login data (name, email address, phone (optional) and password) and meeting data (topic, participant IP address, device information, description (optional)). In addition, visual and auditory contributions of the participants, as well as voice input in chats may be processed. When processing personal data that is necessary for the performance of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 (1) lit. b DSGVO serves as the legal basis. If you have given us your consent for the processing of your data, the processing is based on Art. 6 (1) a DSGVO. Consent given can be revoked at any time with effect for the future. Otherwise, the legal basis for data processing when conducting online meetings, videoconferences or webinars is our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO in the effective conduct of the online meeting, webinar or videoconference. For more information on Zoom's use of data, please see Zoom's privacy policy at https://zoom.us/docs/de-de/privacy-and-legal.html. 15) Rights of the data subject 15.1 The applicable data protection law grants you comprehensive data subject rights (rights of information and intervention) vis-à-vis the controller with regard to the processing of your personal data, which we inform you about below: - Right to information pursuant to Art. 15 DSGVO: In particular, you have a right to information about your personal data processed by us, the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data have been or will be disclosed, the planned storage period and/or the criteria for determining the storage period, the existence of a right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it has not been collected from you by us, the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the logic involved and the scope and intended effects of such processing that concern you, as well as your right to be informed about what guarantees exist in accordance with Art. 46 of the GDPR if your data is transferred to third countries; - Right to rectification pursuant to Art. 16 DSGVO: You have the right to have any inaccurate data relating to you corrected without delay and/or to have any incomplete data stored by us completed; - Right to deletion pursuant to Art. 17 DSGVO: You have the right to request the deletion of your personal data if the conditions of Art. 17 (1) DSGVO are met. However, this right does not exist in particular if the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims; - Right to restriction of processing pursuant to Art. 18 GDPR: You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data, which you dispute, is being verified; if you refuse the erasure of your data due to unlawful data processing and instead request the restriction of the processing of your data; if you require your data for the assertion, exercise or defense of legal claims after we no longer need this data after the purpose has been achieved; or if you have lodged an objection for reasons relating to your particular situation as long as it has not yet been determined whether our legitimate grounds prevail; - Right to information in accordance with Art. 19 DSGVO: If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients. - Right to data portability pursuant to Art. 20 DSGVO: You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller, insofar as this is technically feasible; - Right to revoke consent given in accordance with Art. 7 (3) DSGVO: You have the right to revoke consent to the processing of data once given at any time with effect for the future. In the event of revocation, we will delete the data concerned without delay, unless further processing can be based on a legal basis for processing without consent. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation; - Right to lodge a complaint pursuant to Art. 77 GDPR: If you consider that the processing of personal data concerning you infringes the GDPR, you have - without prejudice to any other administrative or judicial remedy - the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement. 15.2 RIGHT OF OBJECTION IF WE PROCESS YOUR PERSONAL DATA WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION. IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS. IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSES OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSES OF SUCH MARKETING. YOU MAY EXERCISE THE OBJECTION AS DESCRIBED ABOVE. IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES. 16) Duration of the storage of personal data The duration of the storage of personal data is measured on the basis of the respective legal basis, the purpose of processing and - if relevant - additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law). When processing personal data on the basis of explicit consent pursuant to Art. 6 (1) a DSGVO, this data is stored until the data subject revokes his/her consent. If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 (1) (b) DSGVO, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for the fulfillment of the contract or the initiation of the contract and/or there is no legitimate interest on our part in continuing to store it. When processing personal data on the basis of Art. 6(1)(f) DSGVO, this data is stored until the data subject exercises his or her right to object pursuant to Art. 21(1) DSGVO, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. When processing personal data for the purpose of direct marketing on the basis of Article 6 (1) (f) DSGVO, this data is stored until the data subject exercises his or her right to object pursuant to Article 21 (2) DSGVO. Unless otherwise stated in the other information in this statement about specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

H_iO Collection

Newsletter

Please keep me up to date


Search in your language