LinoraBel Ltd. Managing Director: Markus Nenner Gerhart-Hauptmann-Str. 13 69207 Heidelberg
Personal
By phone: +49 06221 - (You can reach us Monday to Friday from 9:00 a.m. to 4:00 p.m. via our telephone number above) E-mail: Click here for the contact form >
VAT ID
VAT identification number according to Section 27a of the Sales Tax Law: DE133169166
Tax number: 53041/32340
EU dispute settlement
The European Commission provides a platform for online dispute resolution (ODR): https://ec.europa.eu/consumers/odr/ . Our email address can be found above in the imprint.
We are neither obliged nor willing to participate in a dispute resolution procedure before a consumer arbitration board.
Data Protection at a Glance
General information
This notice explains what happens to your personal data when you visit our website. Personal data is any information that can identify you. For detailed information, please see our full privacy policy below.
Data collection on this website
Who is responsible for data collection on this website?
The data on this website is processed by the operator of the website. The operator's contact details can be found in the "Responsible party" section of this data protection declaration.
How do we collect your data?
Some of the data is collected when you provide it to us, for example by filling out a contact form.
Other data is automatically collected by our IT systems as soon as you visit the website. This includes technical data such as the Internet browser used, the operating system or the time of the page access.
What do we use your data for?
Some data is collected to ensure the error-free delivery of the website. Other data helps us to analyze your user behavior and to improve our website.
What rights do you have regarding your data?
You have the right to obtain information about the origin, recipient and purpose of your stored personal data at any time and free of charge. You can also request that this data be corrected or deleted. You can revoke your consent to data processing at any time for the future. You also have the right to request that the processing of your data be restricted under certain conditions. You also have the right to object to the processing of your data. to complain to the competent supervisory authority.
If you have any questions about this or other data protection issues, you can contact us at any time.
hosting
Strato
The provider is Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin (hereinafter "Strato"). When you visit our website, Strato records various log files, including your IP address.
Strato is used in accordance with Article 6 Paragraph 1 Letter f of the General Data Protection Regulation (GDPR). As the operator of the website, we have a legitimate interest in presenting our website as reliably as possible. If we obtain the corresponding consent, the processing will take place exclusively in accordance with Article 6 Paragraph 1 Letter a of the GDPR and Section 25 Paragraph 1 of the Telemedia Act (TTDSG). This applies in particular if the consent includes the storage of cookies or access to information on the user's device (e.g. device fingerprinting) in accordance with the TTDSG. This consent can be revoked at any time.
order processing
We have concluded a data processing agreement (AVV) for the use of the above-mentioned service. This contract is an agreement required by data protection law that ensures that Strato only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
General information and mandatory information
data protection and data security
protection of your personal data
The operators of this website attach great importance to the protection of your personal data. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
collection and use of personal data
When you visit this website, various personal data is collected. Personal data is information that can be used to identify you personally. This privacy policy explains what data we collect and how we use it. It also describes how and for what purposes this is done.
Please note that data transmission over the Internet, for example when communicating by email, can have security gaps. Complete protection of data against access by third parties is not possible.
Note on the responsible body
The responsible body for data processing on this website is:
LinoraBel Ltd. Managing Director: Markus Nenner Gerhart-Hauptmann-Str. 13 69207 Heidelberg
The responsible body is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).
storage period of your data
Unless a more specific storage period is specified in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law). In this case, deletion will take place once these reasons no longer apply.
General information on the legal basis for data processing on this website
If you have consented to data processing, we will process your personal data on the basis of Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR if special categories of data according to Art. 9 (1) GDPR are affected. If you have expressly consented to the transfer of personal data to third countries, the processing will be carried out on the basis of Art. 49 Para. 1 lit. a GDPR. If you have consented to the storage of cookies or to access information on your device (e.g. via device fingerprinting), we will also process your data on the basis of Section 25 Para. 1 TTDSG. You can revoke your consent at any time.
If your data is required to fulfil a contract or to carry out pre-contractual measures, we will process your data on the basis of Art. 6 Paragraph 1 Letter b of GDPR. We will also process your data if this is necessary to fulfil a legal obligation. Obligation is necessary, on the basis of Art. 6 Para. 1 lit. c GDPR. The data processing can also be based on our legitimate interest according to Art. 6 Para. 1 lit. f GDPR. In the following paragraphs of this data protection declaration we inform you about the legal bases applicable in each individual case.
recipients of personal data
As part of our business activities, we work with various external bodies, which sometimes requires the transmission of personal data. We only pass on personal data to external bodies if this is necessary to fulfill the contract, if we are legally obliged to do so (e.g. passing on to tax authorities), if we have a legitimate interest in the transfer in accordance with Art. 6 (1) (f) GDPR or if another legal basis allows this.
If we use data processors, we only transfer our customers' personal data on the basis of a valid data processing contract. In the case of joint processing, we conclude a joint processing contract. Further details on the recipients of personal data and the legal bases can be found in the following sections of this data protection declaration.
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke your consent at any time. The legality of the data processing carried out up to the time of revocation remains unaffected.
Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)
IF THE DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 PARAGRAPH 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION. THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH ANY PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN PROVE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS (OBJECTION ACCORDING TO ART. 21 PARA. 1 GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING. THIS ALSO APPLIES TO PROFILING IN SO FAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THESE PURPOSES (OBJECTION ACCORDING TO ART. 21 PARA. 2 GDPR).
right to lodge a complaint with the competent supervisory authority
In the event of violations of the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged violation. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.
right to data portability
You have the right to have data that we process automatically on the basis of your consent or to fulfill a contract handed over to you or to a third party in a common, machine-readable format. If you request that the data be transferred directly to another responsible party, this will only be done if it is technically feasible.
information, correction and deletion
Within the framework of the applicable legal provisions, you have the right to obtain information about your stored personal data free of charge at any time. This includes its origin, recipient and the purpose of data processing. You also have the right to request the correction or deletion of this data. You can contact us at any time for inquiries or further information on the subject of personal data.
right to restriction of processing
You have the right to request the restriction of the processing of your personal data. You can assert this right in the following cases:
● Verification of accuracy: If you dispute the accuracy of your personal data stored by us, you can request that processing be restricted for the duration of the verification.
● Unlawful processing: If your personal data has been processed unlawfully, you can request that the data processing be restricted instead of deleted.
● Legal claims: If we no longer need your personal data, but you require it to exercise, defend or assert legal claims you can request the restriction of processing instead of deletion.
● Objection: If you have lodged an objection in accordance with Art. 21 Para. 1 GDPR, a balance must be struck between your interests and ours. For the duration of this review, you have the right to request that the processing of your personal data be restricted.
If the processing of your personal data has been restricted by you, they may - apart from their storage - only be processed with your consent or for the establishment, exercise or defence of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you send to us cannot be read by third parties.
Encrypted payment transactions on this website
If, after concluding a paid contract, you are obliged to send us your payment details (e.g. account number for direct debit authorization), this data is required to process the payment. Payment transactions using common payment methods (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. With encrypted communication, your payment details that you send to us cannot be read by third parties.
objection to advertising emails
The use of the contact data published as part of the imprint obligation to send unsolicited advertising and information materials is prohibited. The operators of this website expressly reserve the right to take legal action if unsolicited advertising information is sent, for example through spam emails.
data collection
server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
• Browser type and browser version • operating system used • operating system used • Referrer URL • Hostname of the accessing computer • Time of the server request • IP address
This data will not be merged with other data sources.
This data is collected on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - for this purpose, the server log files must be recorded.
cookies
Our website may use so-called "cookies". These small data packets are harmless on your device and are stored either temporarily for a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted after your visit, while permanent cookies remain on your device until you delete them manually or your browser deletes them automatically.
Cookies can either come from us (first-party cookies) or from third-party providers (third-party cookies). The latter enable the integration of third-party services on websites (e.g. payment services).
Cookies fulfil various functions. Some are technically necessary because certain website functions would not work without them (e.g. shopping cart function, video ads). Other cookies are used to analyse user behaviour or advertising purposes.
Cookies that are required for the execution of the electronic communication process, the provision of desired functions (e.g. shopping cart) or the optimization of the website (necessary cookies) are stored on Basis of Art. 6 Para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing these cookies to ensure error-free and optimized provision of its services. If consent to store cookies and similar technologies has been requested, processing will be carried out exclusively on the basis of this consent (Art. 6 Para. 1 lit. a GDPR and Section 25 Para. 1 TTDSG); this consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, generally exclude the acceptance of cookies and activate the automatic deletion of cookies when closing the browser. However, this may limit the functionality of this website.
You can read about which cookies and services are used on this website in this privacy policy.
contact form
If you send us inquiries using the contact form, your details from the inquiry form, including the contact details provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.
The processing of this data is based on Art. 6 Paragraph 1 Letter b of GDPR, provided that your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on Processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR), if this was requested. Consent can be revoked at any time.
The data you enter in the contact form will remain with us until you request deletion, revoke your consent to storage or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.
Inquiry by email, telephone or fax
If you contact us by email, telephone or fax, your request, including all personal data resulting from it (name, request), will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
The processing of this data is based on Art. 6 Paragraph 1 Letter b of GDPR, provided that your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on Processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR), if this was requested. Consent can be revoked at any time.
The data you send to us via contact requests will remain with us until you request deletion, revoke your consent to storage or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular statutory retention periods - remain unaffected.
registration on this website
You can register on this website to use additional functions on the site. We only use the data you enter for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject the registration.
For important changes, such as changes to the scope of our services or technically necessary changes, we use the email address you provided during registration to inform you of to inform you in this way.
The data entered during registration is processed for the purpose of implementing the user relationship established by the registration and, if applicable, for Initiation of further contracts (Article 6 (1) (b) GDPR).
The data collected during registration will be stored by us for as long as you are registered on this website and will then be deleted. Statutory retention periods remain unaffected.
comment function on this website
For the comment function on this page, in addition to your comment, information on the time the comment was created, your email address and, if you do not post anonymously, the user name you have chosen will be stored.
social media
social media elements with Shariff
This website integrates various social media elements, including Facebook, X, Instagram, Pinterest, XING, LinkedIn and Tumblr.
The corresponding social media logos make these elements easily recognizable. To ensure data protection on our website, we use the “Shariff” solution. This technology ensures that personal data is not automatically transferred to the operators of the social media platforms as soon as you enter our site.
A connection to the social network servers is only established when you activate the respective social media element by clicking on the corresponding button. With this activation (consent), the operator receives the information that your IP address has visited our website. If you are logged into your social media account (for example, Facebook) at this time, the operator can assign the visit to our website to your profile.
Activating these plugins is considered consent within the meaning of Art. 6 Para. 1 lit. a GDPR and Section 25 Para. 1 TTDSG. This consent can be revoked at any time with effect for the future.
The purpose of using this service is to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6 (1) (c) GDPR.
Facebook
This website contains elements of the social network Facebook. This service is provided by Meta Platforms Ireland Limited, with registered office at 4 Grand Canal Square, Dublin 2, Ireland. Please note that, according to Facebook, the data collected may also be transferred to the USA and other third countries.
As soon as the social media element is activated, a direct connection is established between your device and the Facebook server. In this way, Facebook receives the information that you have visited this website using your IP address. If you click the Facebook "Like button" and are logged into your Facebook account at the same time, you have the option of linking content from this website to your Facebook profile. This allows Facebook to assign the visit to this website to your user account.
Please note that we, as the provider of this website, have no knowledge of the content of the transmitted data or its use by Facebook. Further information on this can be found in the Facebook privacy policy at: https://de- de.facebook.com/privacy/explanation .
The use of this service is based on your consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG. This consent can be revoked at any time.
If personal data is collected on our website and transmitted to Facebook using the tool described here, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland share joint responsibility for this data processing in accordance with Article 26 of the GDPR. Our joint responsibility extends exclusively to the collection and transfer of data to Facebook. The subsequent processing by Facebook does not fall within the scope of our joint responsibility. The corresponding obligations are set out in a joint processing agreement. The exact content of this agreement can be found at: https://www.facebook.com/legal/controller_addendum . According to this agreement, it is our responsibility to provide the data protection information for the use of the Facebook tool and to integrate the tool securely into our website in accordance with data protection law. Facebook is responsible for the data security of Facebook products. If you would like to exercise your data subject rights (e.g. requests for information) regarding the data processed by Facebook, you can contact Facebook directly. If you assert your data subject rights with us, we are obliged to forward them to Facebook.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure that US companies comply with European data protection standards when processing data in the USA. Every company certified according to the DPF is committed to complying with these standards. You can obtain further information from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant- detail?contact=true&id=a2zt0000000GnywAAC&status=Active
Instagram
This website integrates functions of the Instagram service. These functions are provided by Meta Platforms Ireland Limited, with registered office at 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
When you activate the social media element, a direct connection is established between your device and the Instagram server. This means that Instagram receives information about your visit to this website.
If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking on the Instagram button. This enables Instagram to associate your visit to this website with your user account. Please note that as the provider of these pages, we have no knowledge of the content of the data transmitted or how Instagram uses it. The use of this service is based on your consent in accordance with Art. 6 Para. 1 lit. a GDPR and Section 25 Paragraph 1 TTDSG. Consent can be revoked at any time.
If personal data is collected on our website using the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, located at 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing in accordance with Article 26 of the GDPR. This joint responsibility extends exclusively to the collection and forwarding of data to Facebook or Instagram. Any processing carried out by Facebook or Instagram after forwarding does not fall within the scope of our joint responsibility. The obligations incumbent upon us jointly have been recorded in a joint processing agreement. The exact wording of this agreement can be found at: https://www.facebook.com/legal/controller_addendum .
According to this agreement, we are responsible for providing data protection information when using the Facebook or Instagram tool and for implementing the tool on our website in a way that is secure in accordance with data protection law. The data security of the Facebook or Instagram products is the responsibility of Facebook. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook or Instagram directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure that US companies comply with European data protection standards when processing data in the USA. Every company certified according to the DPF is committed to complying with these standards. You can obtain further information from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant- detail?contact=true&id=a2zt0000000GnywAAC&status=Active
newsletter data
If you would like to subscribe to our newsletter offered on the website, we need your email address and information that confirms that you are the owner of the specified email address and that you agree to receive the newsletter. Additional data is only collected on a voluntary basis. We use various service providers to send the newsletter, which are described below.
newsletter distribution to existing customers
If you order goods or services from us and provide your email address, we may use it to send newsletters, provided we inform you of this in advance. In such a case, the newsletter will only be used to send direct advertising for our own similar goods or services. You can cancel the receipt of this newsletter at any time. A corresponding link is included in every newsletter. The legal basis for sending the newsletter in this case is Art. 6 Para. 1 lit. f GDPR in conjunction with Section 7 Para. 3 UWG. After unsubscribing from the newsletter distribution list, your email address may be saved in a blacklist to prevent future mailings. This data will only be used for this purpose and will not be merged with other data. This serves both your and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not time-limited. You can object to the storage if your interests outweigh our legitimate interests.
plugins and tools
hCaptcha
On our website we use hCaptcha (hereinafter “hCaptcha”), a service provided by Intuition Machines, Inc., 2211 Selig Drive, Los Angeles, CA 90026, USA (hereinafter “IMI”).
hCaptcha is used to check whether the data entered on our website, for example in a contact form, is being entered by a human or by an automated program. To determine this, hCaptcha analyzes the behavior of website visitors based on certain characteristics. This analysis starts automatically as soon as a visitor enters the page on which hCaptcha is activated. Various information such as the IP address, the time spent and mouse movements on the website are recorded and forwarded to IMI. If hCaptcha is used in "invisible mode", these analyses run completely in the background without the user being informed.
The data processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR, as the website operator has a legitimate interest in protecting its web offerings from misuse through automated access and from SPAM. If the corresponding consent has been obtained, the processing is based on Art. 6 Para. 1 lit. a GDPR and Section 25 Para. 1 TTDSG, provided that the consent also includes the storage of cookies or access to information in the end device of the user (e.g. device fingerprinting). Consent can be revoked at any time.
The data will be processed on the basis of the standard contractual clauses contained in the Data Processing Addendum to IMI’s General Terms and Conditions and in the data processing agreements.
The company is certified according to the EU-US Data Privacy Framework (DPF), an agreement between the European Union and the USA that ensures that US companies comply with European data protection standards when processing data in the USA. Companies certified under the DPF are committed to upholding these standards. Further details can be found at: https://www.dataprivacyframework.gov/list
YouTube with enhanced data protection
This website embeds videos from the YouTube website. The website is operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit one of these websites on which YouTube is integrated, a connection is established to the YouTube servers. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
We use YouTube in the extended data protection mode. According to YouTube, videos that are played in the extended data protection mode are not used to personalize surfing on YouTube. Ads that are played in the extended data protection mode are also not personalized. No cookies are set in the extended data protection mode. Instead, so-called local storage elements are stored in the user's browser, which, like cookies, contain personal data and can be used for recognition. Details on the extended data protection mode can be found here: https://support.google.com/youtube/answer/171780 .
After activating a YouTube video, further data processing operations may be triggered over which we have no influence.
YouTube is used in the interest of an appealing presentation of our online offerings. This represents a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.
The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when processing data in the USA. Every The DPF certified company is committed to complying with these data protection standards. You can obtain further information from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant- detail?contact=true&id=a2zt000000001L5AAI&status=Active
eCommerce and payment providers
processing of customer and contract data
We collect, process and use personal customer and contract data to establish, design and modify our contractual relationships. We only collect, process and use personal data about the use of this website (usage data) to the extent that this is necessary to enable the user to use the service or to bill them. The legal basis for this is Art. 6 Para. 1 lit. b GDPR.
The customer data collected will be deleted after completion of the order or termination of the business relationship and expiry of any existing statutory retention periods. Statutory retention periods remain unaffected.
Data transfer when concluding a contract for online shops and retailers
If you order goods from us, we will pass on your personal data to the transport company entrusted with the delivery and to the payment service provider entrusted with the payment processing. Only data that the respective service provider needs to fulfil its task will be released. The legal basis for this is Art. 6 Para. 1 lit. b GDPR, which permits the processing of data to fulfil a contract or pre-contractual measures. If you have given your consent in accordance with Art. 6 Para. 1 lit. a GDPR, we will pass on your email address to the transport company entrusted with the delivery so that it can inform you by email about the shipping status of your order; you can revoke your consent at any time.
Data transfer when concluding a contract for services and digital content
We only transmit personal data to third parties if this is necessary for the performance of the contract, for example to the credit institution responsible for processing payments.
The data will not be transmitted to any other parties or will only be transmitted if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.
The basis for data processing is Art. 6 (1) (b) GDPR, which permits the processing of data to fulfill a contract or for pre-contractual measures.
credit checks
When purchasing on account or using another payment method where we pay in advance, we can carry out a credit check (scoring). For this purpose, we transmit the data you enter (e.g. name, address, age or bank details) to a credit agency. The probability of a payment default is determined on the basis of this data. If the risk of payment default is excessive, we refuse the payment method in question.
The credit check is carried out on the basis of contract fulfilment (Art. 6 Para. 1 lit. b GDPR) and to avoid payment defaults (legitimate interest according to Art. 6 Para. 1 lit. f GDPR). If consent has been obtained, the credit check is carried out on the basis of this consent (Art. 6 Para. 1 lit. GDPR); the consent can be revoked at any time.
payment services
We integrate payment services from third-party companies on our website. When you make a purchase from us, your payment data (e.g. name, payment amount, bank details, credit card number) will be processed by the payment service provider for the purpose of payment processing. The respective contract and data protection provisions of the respective providers apply to these transactions. The payment service providers are used on the basis of Art. 6 Para. 1 lit. b GDPR (contract processing) and in the interest of a payment process that is as smooth, convenient and secure as possible (Art. 6 Para. 1 lit. f GDPR). If your consent is requested for certain actions, Art. 6 Para. 1 lit. a GDPR is the legal basis for data processing; consent can be revoked at any time for the future.
We use the following payment services / payment service providers on this website:
PayPal
The provider of this payment service is PayPal (Europe) S.à.rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”).
The provider is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter "Klarna"). Klarna offers various payment options (e.g. installment purchase). If you choose to pay with Klarna (Klarna checkout solution), Klarna will collect various personal data from you. Klarna uses cookies to optimize the use of the Klarna checkout solution. Details on the use of Klarna cookies can be found at the following link: https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf .
The provider of this payment service is Sofort GmbH, Theresienhöhe 12, 80339 Munich (hereinafter "Sofort GmbH"). Using the "Sofortüberweisung" process, we receive a payment confirmation from Sofort GmbH in real time and can immediately begin to meet our obligations. If you have chosen the "Sofortüberweisung" payment method, you send the PIN and a valid TAN to Sofort GmbH, which it can use to log into your online banking account. After logging in, Sofort GmbH automatically checks your account balance and carries out the transfer to us using the TAN you have sent. It then immediately sends us a transaction confirmation. After logging in, your transactions, the credit limit of the overdraft facility and the existence of other accounts and their balances are also automatically checked. In addition to the PIN and TAN, the payment data you have entered and your personal data are also sent to Sofort GmbH. The personal data includes your first and last name, address, telephone number(s), email address, IP address and, if applicable, other data required for payment processing. The transmission of this data is necessary in order to establish your identity beyond doubt and to prevent attempted fraud. Details on payment with Sofortüberweisung can be found at the following link: https://www.klarna.com/sofort/ .
Shopify Payment
The provider of this payment service in the EU is Shopify International Limited, 2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland (hereinafter “Shopify Payment”).
