Information obligations according to Art.13 DS-GVO
The protection of your privacy in the processing of personal data is an important concern for us. When you visit our website, our web servers store by default the IP of your Internet service provider, the website from which you visit us, the web pages you visit on our site and the date and duration of the visit. This information is absolutely necessary for the technical transmission of the web pages and secure server operation. A personalized evaluation of this data does not take place.
If you send us data via contact form, this data will be stored on our servers in the course of data backup. Your data will be used by us exclusively to process your request. Your data will be treated strictly confidential. A transfer to third parties does not take place.
- WHO IS RESPONSIBLE FOR DATA PROCESSING AND WHOM CAN YOU CONTACT?
- WHAT DATA ARE PROCESSED AND FROM WHAT SOURCES DO THESE DATA ORIGINATE?
- FOR WHAT PURPOSES AND ON WHAT LEGAL BASIS IS THE DATA PROCESSED?
- PROCESSING OF PERSONAL DATA FOR ADVERTISING PURPOSES
- WHO RECEIVES MY DATA?
- HOW LONG WILL MY DATA BE STORED?
- ARE PERSONAL DATA TRANSMITTED TO A THIRD COUNTRY?
- WHAT DATA PROTECTION RIGHTS DO I HAVE?
- AM I OBLIGED TO PROVIDE DATA?
- AUTOMATICALLY STORED NON-PERSONAL DATA
- GOOGLE TAG MANAGER
- GOOGLE ANALYTICS
- Google Ad Services / Google AdWords Conversion Tracking
- Facebook Custom Audiences Pixels
- Visual Website Optimizer
- CRM Ads
- PAYONE GmbH
- Criteo GmbH
- Microsoft Advertising
- Linkster GmbH
- TikTok Pixel
- Reviews (Reviews.io)
- CHANGEMAKERS MEMBERSHIP AND PROFILE BUILDING
- AFFECTED RIGHTS
- Cloudflare Turnstyle
- Chatbot Solvemate
1. Who is responsible for data processing and whom can you contact?
Social Fashion Company GmbH
Tel: +49 (221) 29 23 29 0
Email: [email protected]
The company data protection officer is:
Herr Christian Volkmer
Projekt 29 GmbH & Co. KG
Tel.: +49 941 2986930
Fax: +49 941 29869316
E-Mail: [email protected]
If our Data Protection Officer is unable to respond to your request to your satisfaction, you will in any case have the right to lodge a complaint with the data protection supervisory authority responsible for your federal state.
2. What data are processed and from what sources do these data originate?
Personal data include:
Your master/contact data, for customers this includes, for example, first and last name, address, contact details (e-mail address, telephone number, date of birth)
For applicants and employees, this includes, for example, first and last name, address, contact data (e-mail address, telephone number), date of birth, data from curriculum vitae and job references, bank data, religious affiliation, picture recordings.
For business partners, this includes, for example, the designation of their legal representatives, company name, commercial registration number, VAT number, company number, address, contact person contact data (e-mail address, telephone number, fax), bank data.
For visitors to our company, this includes name and signature.
For journalists, this includes first and last name, e-mail address, fax number.
For raffle participants this includes first and last name, e-mail address.
In addition, we also process the following other personal data:
- Information on the nature and content of contract data, order data, sales and document data, customer and supplier history and consulting documents,
- Advertising and sales data,
- information from your electronic traffic with us (e.g. IP address, log-in data),
- other data that we have received from you in the course of our business relationship (e.g., in customer meetings),
- data that we generate ourselves from master / contact data as well as other data, such as by means of customer demand and customer potential analyses,
- documentation of your declaration of consent for the receipt of e.g. newsletters.
- photo shoots in the context of events.
3. For what purposes and on what legal basis is the data processed?
We process your data in accordance with the provisions of the General Data Protection Regulation (DS-GVO) and the Federal Data Protection Act 2018, as amended:
for the fulfillment of (pre-)contractual obligations (Art 6 para 1lit.b DS-GVO):
The processing of your data takes place for contract processing online. In particular, the data is processed during business initiation and during the execution of contracts with you.
For the fulfillment of legal obligations (Art 6 para 1 lit.c DS-GVO):
A processing of your data is necessary for the purpose of fulfilling various legal obligations, for example, from the Commercial Code or the Fiscal Code.
For the protection of legitimate interests (Art 6 para 1 lit.f DS-GVO):
Based on a balancing of interests, data processing may take place beyond the actual fulfillment of the contract for the protection of legitimate interests of us or third parties. Data processing for the protection of legitimate interests occurs, for example, in the following cases:
- Advertising or marketing (see No. 4),
- Measures for business management and further development of services and products;
- Maintaining a customer database to improve customer service
- in the context of law enforcement
- Sending non-promotional information and press releases
with your consent (Art 6 para 1lit.a DSGVO):
If you have given us consent to process your data, e.g. to send you our newsletter, publication of photos, sweepstakes, etc.
4. Processing of personal data for advertising purposes
You can object to the use of your personal data for advertising purposes at any time, either in whole or for individual measures, without incurring any costs other than the transmission costs according to the prime rates.
We are entitled under the legal conditions of § 7 Abs.3 UWG to use the e-mail address that you provided when concluding the contract for direct advertising for our own similar goods or services. You will receive these product recommendations from us regardless of whether you have subscribed to a newsletter.
If you do not wish to receive such recommendations by e-mail from us, you can object to the use of your address for this purpose at any time without incurring any costs other than the transmission costs according to the prime rates. A message in text form is sufficient for this purpose. Of course, an unsubscribe link is always included in every email.
5. Who receives my data?
If we use a service provider in the sense of an order processing, we remain responsible for the protection of your data. All order processors are contractually obligated to treat your data confidentially and to process it only in the context of the service provision. The processors commissioned by us receive your data if they need the data to perform their respective services. These are, for example, IT service providers that we need for the operation and security of our IT system, as well as advertising and address publishers for their own advertising campaigns.
Your data will be processed in our customer database. The customer database supports data quality enhancement of existing customer data (duplicate cleansing, moved/deceased indicators, address correction), and enables enrichment with data from public sources.
In the event of a legal obligation and in the context of legal prosecution, authorities and courts as well as external auditors may be recipients of your data. In addition, for the purpose of contract initiation and performance, insurance companies, banks, credit agencies and service providers may be recipients of your data.
6. How long will my data be stored?
We process your data until the termination of the business relationship or until the expiry of the applicable statutory retention periods (such as from the Commercial Code, the Tax Code, or Working Hours Act); beyond that until the termination of any legal disputes in which the data is needed as evidence..
7. Are personal data transmitted to a third country?
In principle, we do not transfer any data to a third country. A transfer takes place in individual cases only on the basis of an adequacy decision of the European Commission, standard contractual clauses, appropriate safeguards or your express consent.
8. What data protection rights do I have?
You have a right to information, correction, deletion or restriction of the processing of your stored data at any time, a right to object to the processing as well as a right to data portability and to lodge a complaint in accordance with the requirements of data protection law.
Right to information:
You can request information from us as to whether and to what extent we process your data.
Right to rectification:
If we process your data that is incomplete or incorrect, you can request that we correct or complete it at any time.
Right to erasure:
You can request that we erase your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate interests of protection. Please note that there may be reasons that prevent immediate deletion, for example, in the case of legally regulated retention obligations.
Independent on the exercise of your right to deletion, we will delete your data immediately and completely, provided that no relevant legal or statutory retention obligation is opposed.
Right to restriction of processing:
You may request us to restrict the processing of your data if
- you dispute the accuracy of the data, for a period of time that allows us to verify the accuracy of the data.
- the processing of the data is unlawful, but you refuse erasure and instead request restriction of the use of the data,
- we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
- you have objected to the processing of the data.
Right to data portability:
You may request that we provide you with your data that you have provided to us in a structured, common and machine-readable format and that you may transfer this data to another controller without hindrance from us, provided that
- we process this data on the basis of a revocable consent given by you or for the performance of a contract between us, and
- this processing is carried out with the help of automated procedures.
If technically feasible, you can request us to transfer your data directly to another controller.
Right of objection:
If we process your data for legitimate interest, you can object to this data processing at any time; this would also apply to profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves the assertion, exercise or defense of legal claims. You may object to the processing of your data for the purpose of direct marketing at any time without giving reasons.
Right of complaint:
If you are of the opinion that we violate German or European data protection law when processing your data, we ask you to contact us to clarify any questions. Of course, you also have the right to contact the supervisory authority responsible for you, the respective state office for data protection supervision.
If you wish to assert one of the aforementioned rights against us, please contact our data protection officer. In case of doubt, we may request additional information to confirm your identity.
9. Am I obliged to provide data?
The processing of your data is necessary for the conclusion or fulfillment of your contract entered into with us. If you do not provide us with this data, we will usually have to refuse to conclude the contract or will no longer be able to perform an existing contract and consequently have to terminate it. However, you are not obliged to give your consent to data processing with regard to data that is not relevant for the fulfillment of the contract or that is not required by law.
10. Automatically stored non-personal data
When you visit our Internet pages, we store certain information for administrative and technical reasons. These are: type and version of the browser used, date and time of access, as well as the IP address.
This data is anonymised and used only for statistical purposes or to improve our Internet and online services.
This anonymised data is then stored on secure systems - separately from personal data - and cannot be matched to any specific individuals. This means that your personal data is protected at all times.
12. Google Tag Manager
This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyze the behavior of website visitors. In doing so, the website operator receives various usage data, such as page views, dwell time, operating systems used and the origin of the user. This data is summarized in a user ID and assigned to the respective end device of the website visitor.
Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Furthermore, Google Analytics uses various modeling approaches to supplement the collected data sets and uses machine learning technologies in data analysis.
Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there. The use of this service is based on your consent according to Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG. The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.
We use Google signals. When you visit our website, Google Analytics collects, among other things, your location, search history and YouTube history, as well as demographic data (visitor data). This data can be used for personalized advertising with the help of Google signals. If you have a Google account, Google Signal's visitor data is linked to your Google account and used for personalized advertising messages. The data is also used to compile anonymized statistics on the user behavior of our users.
Google Analytics E-Commerce-Messung
This website uses the "E-Commerce Measurement" function of Google Analytics. With the help of E-CommerceMeasurement, the website operator can analyze the purchasing behavior of website visitors in order to improve its online marketing campaigns. This involves recording information such as orders placed, average order values, shipping costs and the time from viewing to purchasing a product. This data can be summarized by Google under a transaction ID, which is assigned to the respective user or his device.
14. Google Ad Services / Google AdWords Conversion Tracking
If you would like to learn more about these methods or know what options you have to prevent Google from using this information, please click here: https://adssettings.google.com
15. Facebook Custom Audiences Pixels
We use "Custom Audiences Pixel" from Meta Patforms Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook") to present interest-based advertisements to visitors to our website during their visit to Facebook. For this purpose, we have implemented a pixel of Facebook on our website, which establishes a direct connection to the Facebook servers when you visit our website. Information is sent to the Facebook server that you have visited our website and Facebook is assigning this information to your personal Facebook user account. For more information about Facebook's collection and use of the data and your rights and options for ensuring your privacy in this respect, please see the data protection information issued by Facebook at https://www.facebook.com/about/privacy/.
16. Visual Website Optimizer
This website uses the analysis tool Visual Website Optimizer provided by Wingfiy (hereafter also referred to as VWO), with the aim of learning more about the use of our website and thereby optimising our offers. In carrying out the analyses, we comply with the provisions of German data protection law and, in particular, do not use any personal data. If you do not want VWO to store data about your use of our website, you can object to its use. You can submit an opt-out declaration with just one click and thereby prevent being included in analyses by VWO in the future. Use of the opt-out link http://visualwebsiteoptimizer.com/opt-out.php or the function offered on the target page sets a cookie for exclusion from the Visual Website Optimizer analysis tool. This opt-out declaration applies for as long as the cookie is not deleted. The cookie is only set for our website under the named domain, per browser and computer. If you visit our website from more than one computer or with different browsers, we recommend that you set the opt-out cookie for each computer and browser. You can object to the storage of your anonymously recorded visitor data at any time for the future on the http://visualwebsiteoptimizer.com/opt-out.php by entering the web address of our URL: https://www.armedangels.com in the field provided.
The external service provider Emarsys eMarketing Systems AG, Märzstrasse 1, 1150 Vienna ("Emarsys") has been commissioned for certain activities associated with the website and email communication of Rindchen's Weinkontor. This service provider processes data exclusively in accordance with the instructions of Rindchen's Weinkontor and is also bound by this data protection information. Under no circumstances may this service provider use data that it has collected or processed on our behalf for its own purposes.
Emarsys does not store or use your computer's IP address for marketing purposes. The IP addresses collected by Emarsys web servers are only stored for a very short time and are used exclusively to detect and prevent misuse.
Emarsys stores cookies on your computer through your web browser. The cookies and the identification numbers stored in them will not be associated with your name, address, email address or other personally identifiable information unless you have expressly permitted us to send you information that is specifically tailored to your interests. Emarsys uses these cookies to recognise your browser so that we can track your movements on our website and measure the success of certain marketing measures. We use this information to improve the website of Rindchen's Weinkontor and our email newsletters, in particular by adapting our information and offers to the individual interests and needs of users.
You can object to the cookie-based collection and analysis of online data described above by clicking on http://www.scarabresearch.com/privacy/#optout.When you exercise this option, an anonymous "opt-out" cookie is stored in your web browser, which informs the Emarsys web server of your objection and thereby prevents data collection. The opt-out cookie remains effective in the browser you are using until you delete it with the options available in this browser. However, if you delete the cookie or use another browser or computer, Emarsys will no longer be able to recognise that you have declared such an objection. Alternatively, you can set your browser not to accept cookies.
18. CRM Ads
We use CRM ads provided by Emarsys eMarketing Systems AG, Märzstrasse 1, 1150 Wien (https://www.emarsys.com/en/privacy-policy). We work with Facebook Audience Manager and Google Customer Match to target you with advertising which we think is the most relevant to you from time to time. This feature allows us to target ads to you as part of a specific set of people, based on your preferences. We do not transfer any of your personal data, such as name or email address, to such third party networks. These networks only receive a unique identifier. You can manage your privacy settings in the privacy tab of your account(s) with such third parties. You can find further details on
19. PAYONE GmbH
PAYONE is a service of PAYONE GmbH, Daniel-Goldbach-Straße 17-19, 40880 Ratingen, Germany, through which all payment processes are processed for purchases via our website. To process your payment, we transmit your data to our payment provider PAYONE (PAYONE GmbH; payone.com) via a secure connection upon completion of the order. All entries and checks regarding your payment are carried out and stored by the payment processor. Further information can be found at: https://www.bspayone.com/DE/en/privacy
20. Criteo GmbH
We use online marketing services of the provider Criteo GmbH on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO), we use the online marketing services of the provider Criteo GmbH, Gewürzmühlstr. 11, 80538 Munich, Germany.
Criteo's services allow us to display advertisements for and on our website in a more targeted manner in order to present users only with ads that potentially match their interests. If, for example, a user is shown ads for products in which he or she has shown interest on other websites, this is referred to as "remarketing". For these purposes, when our website and other websites on which Criteo is active are called up, a code from Criteo is executed directly by Criteo and so-called (re)marketing tags are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user's device (comparable technologies can also be used instead of cookies). This file records which web pages the user has visited, which content he or she is interested in and which offers he or she has clicked on, as well as technical information on the browser and operating system, referring web pages, time of visit and other information on the use of the online offer. Criteo may also combine the aforementioned information with information from other sources. If the user subsequently visits other websites, he or she can be shown ads tailored to his or her interests.
The processing of user data is pseudonymous, i.e. no clear user data (such as names) is processed and IP addresses of users are shortened. Processing only takes place on the basis of an online identifier, a technical ID. Any IDs (e.g. of a customer care system) or e-mail addresses provided to Criteo are encrypted and stored as a series of characters that do not allow identification.
21. Microsoft Advertising
We use Universal Event Tracking (UET) on our website via the Microsoft Advertising (formerly Bing Ads) service of Microsoft Corporation (USA). Via UET, Microsoft saves a cookie in the user's browser to enable an analysis of the use of our online offer. The prerequisite for this is that the user has reached our website via an advertisement from Microsoft Advertising. In this way, Microsoft and we can recognise that someone has clicked on an advertisement, has been redirected to our online offer and has reached a previously determined target page (so-called conversion measurement). No IP addresses are stored for this purpose. No further personal information about the identity of the user is provided.
Further information on these processing activities, the technologies used, stored data and the storage period can be found in the settings of our Consent Management Tool. Microsoft Advertising is only used with your consent in accordance with Art. 6 (1) a DSGVO.
In the case of Microsoft services, the transfer of data to the USA cannot be ruled out. Please note the information in the section "Data transfer to third countries". Further information on data protection at Microsoft can be found in Microsoft's privacy statement at privacy.microsoft.com/en/privacystatement.
22. Linkster GmbH
On this page we use the tracking technology of Linkster GmbH, Geschwister-Scholl-Straße 52, 20251 Hamburg, to measure and visualize insights into partnerships and advertising channels. This is a function for measuring the efficiency of the corresponding advertising measures. Furthermore, the information enables us to assign advertising successes for billing with corresponding advertising partners. If you click on an advertising integration, cookies are set in your browser, which are read out in the event of a transaction. At every touch point, your browser sends an HTTP request to the Linkster server with which certain information is transmitted. This information includes the URL of the website on which advertising material is placed (referrer URL), the browser identifier (user agent) of your end device (including information about the device type and the operating system), the IP address of the end device (This IP address is anonymized and hashed by us before storage), HTTP header (data packet automatically transmitted by your browser with various technical information), the time of the request and, if previously saved on the device, the cookie with its Content.
A cookie is a small data packet that is exchanged between your browser and the server. The information relevant to the web application can be stored and transmitted in this data package, e.g. the content of a virtual shopping cart. The tracking technology stores cookies on your end device to document actions. A 24-digit, anonymous ID is stored in the cookie. Linked to this ID, the data is encrypted in our database on the server. This contains information about the last touch points (i.e. when a particular advertising material was displayed or clicked on by a device). The stored touch points can, if necessary, be combined to form a sequence chain (user journey). With an action request, the order number and the shopping cart value of your order are usually also transmitted and saved by us.
The cookies saved by Linkster GmbH are deleted after 30 days at the latest. The information transmitted to us and the cookies only serve the purpose of correctly assigning the success of an advertising medium and the corresponding billing and is in line with our legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR. If you do not want cookies to be stored in your browser, you can do this by setting your browser accordingly. You can deactivate the storage of cookies in your browser under Extras / Internet options, restrict them to certain websites or set your browser so that it notifies you as soon as a cookie is sent. Please note, however, that in this case you will have to reckon with a limited display of online offers and limited user guidance. You can also delete cookies at any time. In this case, the information stored in it will be removed from your device. The collection and processing of tracking data can also be deactivated by clicking on this tracking optout link: https://trck.linkster.co/privacy-optout.do
Viewing your data: https://trck.linkster.co/privacy-mydata.do
23. Pinterest Conversion Tracking
Our website uses the conversion tracking technology of the social network Pinterest (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland), which enables us to display relevant advertisements and offers on Pinterest to our website visitors who have already taken an interest in our website and our content/offers and are Pinterest members. For this purpose, a so-called conversion tracking pixel from Pinterest is integrated on our pages, via which Pinterest is informed when you visit our website that you have already called up our website and in which parts of our offer you were interested. If, for example, you were interested in certain products on our website, you may be shown an ad for our product on Pinterest.
You can deactivate the collection of data for the display of interest-based advertising on Pinterest at any time in your Pinterest account settings at https://www.pinterest.de/settings.
24. TikTok Pixel
We use on this website the so-called "TikTok pixel" of the provider TikTok (for EU: TikTok Information Technologies UK Limited, Aviation House, 125 Kingsway Holborn, London, WC2B 6NH.). This is a code which we have implemented on our site. With the help of this code, in the case of your explicit consent, a connection is established with the TikTok servers when you visit our website, in order to track your behavior on our website. For example, when you purchase a product on our website, the TikTok pixel is triggered and stores your actions on our website in one or more cookies. You have the option to revoke your consent at any time with effect for the future. There are no costs for this other than the basic rates.
Personal data such as your IP address and email address, as well as other information such as device ID, device type and operating system may also be transferred to TikTok. TikTok uses email or other login or device information to identify users of our website and associate their actions with a TikTok user account.
TikTok uses this data to display targeted and personalized advertising to its users and to create interest-based user profiles. The collected data is anonymous and not visible to us and is only used to measure the effectiveness of ad placements.
In principle, your data will be processed within the EU or the EEA. For this purpose, a corresponding data protection agreement has been concluded with TikTok. If personal data is transferred to countries outside the EU or EEA, this is done within the framework of the Commission's model contracts for the transfer of personal data to third countries (i.e. standard contractual clauses).
26. Reviews (Review.io)
On our website you have the possibility to write reviews. For this purpose, we use "Reviews.io", a service of REVIEWS.io 2020 GMBH, Stralauer Allee 6, 10245 Berlin, Germany. Through Reviews.io we can collect customer reviews and publish them on our website.
In order for you to be able to write a review, Review.io requires your name or a pseudonym and your email address (which is not published). As soon as you write a review on Review.io, the service automatically creates an account for you.
The processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing operations already carried out remains unaffected by the revocation. In the event of revocation of your consent, we will delete or anonymize the review.
Reviews can be submitted in such a way that it is not possible for other website users to identify you. It is up to you to decide whether you want to provide personal information beyond the mandatory information. Please note that when choosing your pseudonym as well as within the text fields and when uploading photos, it is also possible to provide information that allows for identification of your person. We recommend that you write your review text without providing personal data and design photos accordingly. We reserve the right not to publish or (partially) anonymize reviews that contain personal data.
Furthermore, Review.io performs the following processing for us as part of the review:
- Identification as a reviewer when you log in to our website and visit the website again
- Verify the authenticity of your ratings Answer your questions and provide appropriate customer support
- Forwarding of our messages when we have responded to your review
We have concluded an order processing agreement with Review.io in accordance with the requirements of Art. 28 DSGVO, in which we obligate it to protect the data of our customers and not to pass it on to third parties.
We offer a newsletter to inform you regularly about our products, services and other offers.
The newsletter is sent via the provider Emarsys.
As a subscriber, in addition to the actual newsletter, you can also be informed about circumstances that are relevant to the newsletter service or the registration itself (e.g. changes to the newsletter offer or technical reasons). Such information will also be sent to the e-mail address you provide.
To register for the newsletter, it is sufficient to provide your e-mail address (mandatory field). If you do not provide us with your e-mail address, we will not be able to send you our newsletter.
In order to verify that a registration was actually made by the owner of the registered e-mail address, we use the so-called "double opt-in" procedure. For this purpose, you will receive a confirmation e-mail from us after submitting your e-mail address, in which you must confirm your registration for the newsletter by clicking on a link. Only after this confirmation will your e-mail address be included in the newsletter distribution list. As proof for us, we log the registration for the newsletter, the sending of the confirmation e-mail and the receipt of the requested confirmation. The time of registration and confirmation as well as your IP address are also stored.
The data is stored for the duration of the subscription to our newsletter and deleted after unsubscribing from the newsletter, unless legal retention periods require longer storage. The legal basis for sending the newsletter is your consent according to Art. 6 para. 1 lit. a DSGVO. The legal basis for logging the aforementioned data is the protection of our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO.
You can revoke your consent to the storage of your personal data and its use for sending the newsletter at any time with effect for the future. For this purpose, there is a corresponding unsubscribe link in each newsletter. You can also inform us of your revocation at any time via the above-mentioned contact options. Insofar as we also send our newsletter to existing customers who have not already consented to receive the newsletter as part of their CHANGEMAKERS membership, the legal basis for this is our legitimate interest in direct advertising for similar goods or services. This applies in any case as long as you, as an existing customer, have not objected to the receipt of such newsletters, § 7 para. 3 UWG, Art. 6 para. 1 lit. f DSGVO.In order to improve our newsletter, we may collect data for statistical evaluation and performance measurement of the newsletter . This is done exclusively on the basis of your consent, which you gave when registering for the newsletter.
28. Changemakers Membership and Profiling
We offer you the opportunity to become a CHANGEMAKER and join our CHANGEMAKERS CLUB. As a CHANGEMAKER, you will receive various benefits from us, such as free shipping, early participation in sales promotions or exclusive product advice from our customer service. When signing up, we may process your name, address and date of birth as well as your purchase data.
An analysis of your web behavior (page views, shopping cart abandonment, visit time) might already take place when you give the necessary consent via our cookie banner.
However, the processing of your e-mail address is also necessary in order to be able to distinguish Club members from other customers with a user account or from ordering guests and to be able to fulfill the concluded membership contract, Art. 6 (1) lit. b DSGVO. If you do not provide us with your email address, you cannot become a CHANGEMAKER.
The processing of name and address and other information provided in the context of an order is necessary for the fulfillment of a purchase contract concluded with you, Art. 6 para. 1 lit. b DSGVO. If you also provided your date of birth when registering, we process this on the basis of your consent, Art. 6 para. 1 lit a DSGVO.
The data will be stored for the duration of your CHANGEMAKERS membership and beyond in accordance with the legal storage obligations (such as commercial or tax law) and then deleted. The membership in the CHANGEMAKERS CLUB is voluntary. In particular, it is not required to place orders via our online store.
Therefore, the consent to receive our newsletter is also not required for the conclusion and fulfillment of a sales contract. If you become a member of the CHANGEMAKERS CLUB, but also without such a membership, we can create a customer profile from you, which contains the following information:
- Master data (name, address, date of birth, e-mail address)
- Purchase data (product categories, order value, order frequency, returns).
We have taken technical and administrative security precautions to protect your personal data against loss, destruction, manipulation and unauthorised access. All of our employees and the service providers working for us are obliged to comply with the valid data protection laws.
Whenever we collect and process personal data, it is encrypted before being transmitted. This means that your data cannot be misused by third parties. Our security precautions are subject to a constant improvement process and our privacy policies are constantly being revised. Please make sure that you have the latest version.
30. Affected Rights
Please contact us at any time if you would like to know which personal data we store about you or if you would like to have it corrected or deleted. Furthermore, you have the right to restrict processing of the data (Art. 18 GDPR), a right of objection to such processing (Art. 21 GDPR) and the right to data transferability (Art. 20 GDPR). In these cases, please contact us directly. In these cases, please contact us directly.
31. Cloudflare Turnstyle
To protect against spam comments, we use the captcha Cloudflare Turnstile from the company Cloudflare, based in San Francisco/California/USA, on our server. Working in the background, Turnstile selects a set of browser challenges and looks for signals for a human user. In addition, Turnstile detects private access tokens from users of the latest versions of macOS or iOS, allowing Turnstile to validate a device with the help of the device provider without capturing, touching or storing the user's device data (Cloudflare claim). No data is transmitted to Cloudflare or any third party in the process, nor is any data stored by us. The use of Cloudflare Turnstile is based on Art. 6 (1) lit. f DSGVO, as we have a legitimate interest in the most effective protection against spam of our website.
This website uses the service "Fitfinder". Fitfinder is a service of Fit Analytics GmbH, Voigtstr. 3, 10247 Berlin. Fitfinder offers the following services:
- Real-time advice on clothing sizes
- Fit prediction services in the online stores of our partners
- Optimization of the overall quality of our consulting algorithms
All data collected in this manner remains anonymous. Fitanalytics does not collect or process any directly personal data (such as name, address, payment information) in this way. IP addresses transmitted to servers through standard back-end processes are irreversibly hashed and truncated immediately upon receipt. All data collected by the Fitanalytics application is stored on servers and databases within the European Union or in the end user's country of origin. No data in this category is transferred outside the European Union. All data is automatically deleted at the end of a specified retention period.
The legal basis for the use of Fitfinder is your consent in accordance with Art. 6 para. 1 lit. a DSGVO. Further information from the third-party provider on data protection can be found on the Facebook website below:https://widget.fitanalytics.com/documents/privacy_de.html
33. Chatbot Solvemate
We use a chatbot from Solvemate to communicate with you. Chatbots are able to respond to your questions and other input without human assistance. To do this, the chatbots analyze other data in addition to your input to provide appropriate responses (e.g., names, email addresses and other contact information, customer numbers and other identifiers, orders, and chat histories). Furthermore, the chatbot may collect your IP address, log files, location information and other metadata. This data is stored on the servers of the chatbot provider.
Based on the collected data, user profiles can be created. In addition, the data can be used for the playout of interest-based advertising, provided you have given your consent according to Art. 6 para. 1 lit. a DSGVO. For this purpose, the chatbots can be linked to analysis and advertising tools.
The collected data may also be used to improve our chatbots and their response behavior (machine learning).
The data you enter during communication will remain with us or the chatbot operator until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g., after we have completed processing your request). Mandatory legal provisions - in particular retention periods - remain unaffected.
The legal basis for the use of the chatbot is Art. 6 (1) lit. b DSGVO, insofar as the chatbot is used for contract initiation or in the context of contract performance. If a corresponding consent has been requested, the processing is based exclusively on Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time. In all other cases, the use is based on our legitimate interest in the most effective customer communication possible (Art. 6 para. 1 lit. f DSGVO).