Data Privacy
Your personal data (e.g., salutation, name, address, email address, telephone number, bank details, credit card number) are processed by us only in accordance with the provisions of German data protection law and the data protection law of the European Union (EU). The following regulations inform you about the purposes of processing, recipients, legal bases, storage periods, as well as your rights and the responsible party for your data processing. This privacy policy applies only to our websites. If you are redirected to other sites via links on our pages, please inform yourself there about the respective handling of your data.
§ 2 Data Processing for Contract Fulfillment
(1) Purpose of Processing
Your personal data that you provide to us during the ordering process are necessary for concluding a contract with us. You are not obliged to provide your personal data. However, without providing your address, we cannot send you the goods. For some payment methods, we require the necessary payment data to forward them to a payment service provider commissioned by us. Therefore, the processing of the data you entered during the ordering process is carried out for the purpose of fulfilling the contract. If you send us an inquiry via email, contact form, etc., before concluding a contract, we process the data received in this way to carry out pre-contractual measures and answer, for example, your questions about our products.
(2) Legal Basis
The legal basis for this processing is Art. 6 para. 1(b) GDPR.
(3) Categories of Recipients
Payment service providers, shipping service providers, hosting providers, possibly inventory management systems, possibly suppliers (dropshipping).
(4) Storage Duration
We store the data required for contract processing until the expiration of the statutory warranty and, if applicable, contractual warranty periods. The data required by commercial and tax law are retained for the legally specified periods, usually ten years (cf. § 257 HGB, § 147 AO). The data processed for carrying out pre-contractual measures are deleted as soon as the measures have been carried out and it is clear that no contract will be concluded.
§ 3 Comments / Reviews
(1) Purpose of Processing
There is an option to write a comment. Your data (e.g., name/pseudonym, email address, website) are then processed only for the purpose of publishing your comment.
(2) Legal Basis
The legal basis for this processing is Art. 6 para. 1(f) GDPR.
(3) Legitimate Interest
Our legitimate interest is the public exchange of user opinions on certain topics and products. The publication serves, among other things, transparency and opinion formation. Your interest in data protection remains safeguarded as you can publish your comment under a pseudonym.
(4) Storage Duration
A specific storage duration is not planned. You can request the deletion of your comment at any time.
(5) Right to Object
You have the right to object at any time to the processing of your personal data based on Art. 6 para. 1(f) GDPR, which does not serve direct marketing purposes, for reasons arising from your particular situation. In the case of direct marketing, you can object to the processing without providing any reasons at any time.
§ 4 Sample Dispatch
There is an option to order free samples in our shop. For this, we collect some data (e.g., name, address, email address, telephone number), which we use exclusively for sending samples. The data will not be used for any other purpose and will not be passed on to third parties without your explicit consent.
§ 5 Additional Information
(1) Purpose of Processing
The forwarding of the telephone number to the shipping company or direct telephone contact by us to notify the buyer about the shipping status and to clarify order details.
(2) Legal Basis
The legal basis for this processing is Art. 6 para. 1(a) GDPR.
§ 6 Credit Check by Klarna
Please note the following data protection provisions if you choose Klarna's payment services:
http://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy
§ 7 Web Analytics with Google Analytics
(1) Purpose of Processing
This website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses so-called "cookies," which are text files placed on your computer that allow an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. In the case of activating IP anonymization on this website, your IP address is truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activity, and provide other services related to website usage and internet usage to the website operator.
(2) Legal Basis
The legal basis for this processing is Art. 6 para. 1(f) GDPR.
(3) Categories of Recipients
Google, partner companies
(4) Transfer to a Third Country
Google LLC based in the USA is certified for the US-EU Privacy Shield data protection agreement, which ensures compliance with the data protection level applicable in the EU.
(5) Storage Duration
Unlimited
(6) Right to Object
You can prevent the storage of cookies by appropriately setting your browser software; however, we point out that you may not be able to fully utilize all functions of this website in this case. You can also delete permanently stored cookies at any time via your browser.
§ 8 Information about Cookies
(1) Purpose of Processing
Technically necessary cookies are used on this website. These are small text files stored in or by your internet browser on your computer system. These cookies enable, for example, adding multiple products to a shopping cart.
(2) Legal Basis
The legal basis for this processing is Art. 6 para. 1(f) GDPR.
(3) Legitimate Interest
Our legitimate interest is the functionality of our website. The user data collected through technically necessary cookies are not used to create user profiles. This safeguards your interest in data protection.
(4) Storage Duration
Technically necessary cookies are usually deleted when the browser is closed. Permanently stored cookies have varying lifespans ranging from a few minutes to several years.
(5) Right to Object
If you do not wish to store these cookies, please disable the acceptance of these cookies in your internet browser. However, this may result in a functional limitation of our website. You can also delete permanently stored cookies at any time via your browser.
§ 9 Web Advertising Service with Google Adsense
(1) Purpose of Processing
Google Adsense, a web advertising service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"), is used on these pages to display advertisements (text ads, banners, etc.). For this purpose, your browser stores cookies (small text files) on your hard drive. These cookies are used by Google to personalize content and ads, provide social media features, and analyze the traffic to our website. In apps, device identifiers are used. Additionally, information about your use of our website is shared with partners for social media, advertising, and analytics. These partners combine this information with other data that you have provided to them or that they have collected in the course of your use of the services.
(2) Legal Basis
The legal basis for this processing is Art. 6 para. 1(a) GDPR.
(3) Categories of Recipients
Google, partner companies
(4) Transfer to a Third Country
Google LLC based in the USA is certified for the US-EU Privacy Shield data protection agreement, which ensures compliance with the data protection level applicable in the EU.
(5) Storage Duration
Your personal data are stored only as long as you have consented to the processing.
(6) Withdrawal of Consent
You can withdraw your consent at any time with effect for the future.
§ 10 Newsletter
(1) Purpose of Processing
When you subscribe to the newsletter, your email address is used for advertising purposes, i.e., within the framework of the newsletter, we inform you especially about products from our range. For statistical purposes, we may evaluate which links in the newsletter are clicked. In doing so, it is not recognizable to us which specific person clicked. You have given the following consent separately or, if applicable, expressly during the ordering process: Subscribe to newsletter
(2) Legal Basis
The legal basis for this processing is Art. 6 para. 1(a) GDPR.
(3) Storage Duration
Your email address is stored only for the duration of the desired subscription for newsletter dispatch.
(5) Right to Withdraw
You can withdraw your consent at any time with effect for the future. If you no longer wish to receive the newsletter, you can unsubscribe as follows: Via an unsubscribe link in the newsletter by email.
§ 11 Use of Google Remarketing
This website uses the Remarketing function of Google Inc. The function is intended to present interest-based advertisements to website visitors within the Google advertising network. A so-called "cookie" is stored in the visitor's browser, which allows the visitor to be recognized when they visit websites that belong to Google's advertising network. On these pages, advertisements related to content that the visitor previously viewed on websites using Google's Remarketing function can be displayed to the visitor.
According to Google's own statements, no personal data is collected in this process. If you do not wish to use Google's Remarketing function, you can generally disable it by adjusting the relevant settings at http://www.google.com/settings/ads. Alternatively, you can disable the use of cookies for interest-based advertising via the Advertising Network Initiative by following the instructions at http://www.networkadvertising.org/managing/opt_out.asp.
§ 12 Google AdWords
Our website uses Google Conversion Tracking. If you reach our website via a Google advertisement, Google AdWords sets a cookie on your computer. The cookie for conversion tracking is set when a user clicks on a Google advertisement. These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google can recognize that the user clicked on the advertisement and was redirected to that page. Each Google AdWords customer receives a different cookie. Therefore, cookies cannot be tracked across the websites of AdWords customers. The information obtained using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. However, customers do not receive information that can personally identify users.
If you do not want to participate in tracking, you can refuse to set a cookie required for this purpose – for example, by setting your browser to disable automatic cookie setting or by configuring your browser to block cookies from the domain "googleleadservices.com."
Please note that you must not delete the opt-out cookies as long as you do not want any data to be recorded. If you have deleted all your cookies in your browser, you will need to set the respective opt-out cookie again.
§ 13 Rights of the Data Subject
If your personal data are being processed, you are a data subject under the GDPR and the following rights are available to you against us:
1. Right of Access
You can request confirmation from us as to whether personal data concerning you are being processed by us. If such processing exists, you can request access from us to the following information:
(1) the purposes for which the personal data are being processed;
(2) the categories of personal data being processed;
(3) the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
(4) the planned duration of the storage of the personal data concerning you or, if specific information is not possible, the criteria used to determine the storage duration;
(5) the existence of the right to rectification or erasure of the personal data concerning you, the right to restriction of processing by us, or the right to object to this processing;
(6) the existence of a right to lodge a complaint with a supervisory authority;
(7) all available information about the origin of the data, if the personal data were not collected from the data subject;
(8) the existence of automated decision-making, including profiling, pursuant to Art. 22 para. 1 and 4 GDPR and – at least in these cases – meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request information about whether the personal data concerning you are being transferred to a third country or an international organization. In this context, you can request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.
2. Right to Rectification
You have the right to request the rectification and/or completion of your personal data if the processed personal data concerning you are incorrect or incomplete. We must make the rectification immediately.
3. Right to Restriction of Processing
Under the following conditions, you can request the restriction of processing of your personal data:
(1) if you contest the accuracy of the personal data concerning you for a period that allows us to verify their accuracy;
(2) if the processing is unlawful and you object to the deletion of the personal data and instead request the restriction of use of the personal data;
(3) if we no longer need the personal data for the purposes of processing but you need them for the establishment, exercise, or defense of legal claims, or
(4) if you have objected to the processing pursuant to Art. 21 para. 1 GDPR and it is not yet clear whether the legitimate interests to which the processing is based outweigh your reasons, or you have objected to the processing pursuant to Art. 21 para. 2 GDPR.
If the processing of your personal data has been restricted, these data – apart from their storage – may only be processed with your consent or for the establishment, exercise, or defense of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State. If the restriction of processing has been applied under the above conditions, you will be informed by us before the restriction is lifted.
4. Right to Erasure
a) Obligation to Erase
You can request that we immediately erase the personal data concerning you, and we are obliged to erase these data without delay if one of the following reasons applies:
(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You withdraw your consent on which the processing was based pursuant to Art. 6 para. 1(a) GDPR or Art. 9 para. 2(a) GDPR, and there is no other legal basis for the processing.
(3) You object to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 para. 2 GDPR.
(4) The personal data concerning you have been unlawfully processed.
(5) The erasure of the personal data concerning you is required to comply with a legal obligation under Union or Member State law to which we are subject.
(6) The personal data concerning you have been collected in relation to services of the information society pursuant to Art. 8 para. 1 GDPR.
b) Information to Third Parties
If we have made the personal data concerning you public and are obliged to erase them pursuant to Art. 17 para. 1 GDPR, we will take appropriate measures, including technical measures, to inform the responsible parties who process the personal data about your request to erase all links to these personal data or copies or replications of these personal data, taking into account the available technology and the implementation costs. You have the right to be informed about these recipients.
c) Exceptions
The right to erasure does not apply where the processing is necessary for
(1) the exercise of the right to freedom of expression and information;
(2) the fulfillment of a legal obligation that requires the processing under Union or Member State law to which we are subject, or the performance of a task carried out in the public interest or in the exercise of official authority vested in us;
(3) reasons of public interest in the area of public health pursuant to Art. 9 para. 2(h) and (i) GDPR and Art. 9 para. 3 GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes pursuant to Art. 89 para. 1 GDPR, insofar as the right mentioned in section a) would likely make it impossible or seriously impair the achievement of the objectives of such processing, or
(5) for the establishment, exercise, or defense of legal claims.
5. Right to Information
If you have asserted the right to rectification, erasure, or restriction of processing against us, we are obliged to inform all recipients to whom the personal data concerning you have been disclosed about this rectification or erasure of the data or restriction of processing, unless this proves to be impossible or is associated with disproportionate effort. You have the right to be informed about these recipients.
6. Right to Data Portability
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to transmit these data to another controller without hindrance, provided that
(1) the processing is based on your consent pursuant to Art. 6 para. 1(a) GDPR or Art. 9 para. 2(a) GDPR or on a contract pursuant to Art. 6 para. 1(b) GDPR, and
(2) the processing is carried out using automated means.
In exercising this right, you also have the right to obtain that the personal data concerning you are transmitted directly from us to another controller, provided that this is technically feasible. Freedoms and rights of other persons must not be affected in this way. The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
7. Right to Object
You have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data based on Art. 6 para. 1(e) or (f) GDPR, and this also applies to profiling based on these provisions. We will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims. If your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such purposes; this also applies to profiling insofar as it is connected with such direct marketing. If you object to the processing for direct marketing purposes, your personal data will no longer be processed for these purposes. You have the option to exercise your right to object to this processing in connection with the use of information society services – notwithstanding Directive 2002/58/EC – by automated means using technical specifications.
8. Right to Withdraw Consent to Data Protection Declaration
You have the right to withdraw your consent to the data protection declaration at any time. Withdrawing consent does not affect the lawfulness of the processing carried out based on the consent prior to its withdrawal.
9. Automated Decision-Making Including Profiling
You have the right not to be subject to a decision based solely on automated processing – including profiling – that produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
(1) is necessary for entering into or performing a contract between you and us,
(2) is permitted based on Union or Member State law to which we are subject and such Union or Member State law includes appropriate measures to protect your rights and freedoms as well as your legitimate interests, or
(3) is based on your explicit consent.
However, these decisions must not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2(a) or (g) applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests. Regarding the cases mentioned in (1) and (3), we take appropriate measures to safeguard your rights and freedoms as well as your legitimate interests.
10. Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, particularly in the member state of your residence, your place of work, or the place of the alleged infringement, if you believe that the processing of your personal data violates the GDPR. The supervisory authority with which the complaint is lodged will inform the complainant about the status and results of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
Controller for Data Processing:
Christian Arnold
Altenburger Str. 21/2
04626 Schmölln
info(-at)dachfenster-riese.de
End of Privacy Policy
This privacy policy was created by the janolaw legal experts and reviewed in legal practice. Janolaw AG guarantees the top quality of this product and is liable in the event of warnings.