Privacy policy

1. data protection at a glance

General information
The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our data protection declaration listed below this text.

If you have any questions about the GDPR and this website, please write to info@mirasouthseapearls.ch.
Thank you very much!

Data collection on this website



Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the legal notice of this website.



How do we collect your data?
On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form.

Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website.



What do we use your data for?
Some of the data is collected to ensure that the website is provided without errors. Other data may be used to analyse your user behaviour.



What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority.



Analysis tools and tools from third-party providers
When you visit our website, your surfing behaviour may be statistically analysed. This is primarily done using cookies and so-called analysis programmes. The analysis of your surfing behaviour is usually anonymous; the surfing behaviour cannot be traced back to you. You can object to this analysis. We will inform you about the objection options in this privacy policy under point 2.

2. general notes and mandatory information


Data protection
Based on Article 13 of the Swiss Federal Constitution, the data protection provisions of the Swiss Confederation (Data Protection Act, DSG) and the EU GDPR, every person is entitled to protection of their privacy and protection against misuse of their personal data.

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g. when communicating by email) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.



Responsible party & contact person
The party responsible for data processing on this website is

MIRA SOUTH SEA PEARLS KLG
Schwaderloch 7
8253 Diessenhofen

E-mail: info@mirasouthseapearls.ch

Imprint: https://mirasouthseapearls.ch/impressum
Contact person: Daniel Hutterli

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).



Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can withdraw your consent at any time. All you need to do is send us an informal e-mail. The legality of the data processing carried out until the revocation remains unaffected by the revocation.



Right to lodge a complaint with the competent supervisory authority
In the event of breaches of data protection law, the data subject has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.



Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.



SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.



Information, blocking, deletion
Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time. You can contact us at any time at the address given in the legal notice if you have further questions on the subject of personal data.



Objection to advertising emails
We hereby object to the use of contact data published within the scope of the legal notice obligation to send unsolicited advertising and information material. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.


3. data collection on this website

Cookies
Some of the Internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies are used to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognise your browser on your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping basket function) are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of its services. Insofar as other cookies (e.g. cookies for analysing your surfing behaviour) are stored, these are treated separately in this privacy policy.



Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are

- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server enquiry
- IP address

This data is not merged with other data sources. The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.



What rights you have to your data
If you have an account on this website or have written comments, you can request an export of your personal data from us, including all data that you have provided to us. In addition, you can request the deletion of all personal data that we have stored about you. This does not include data that we are obliged to keep for administrative, legal or security reasons.



Making contact / contact form
When contacting us (e.g. by contact form, e-mail, telephone or via social media), the user's details are processed to process the contact enquiry and its handling in accordance with Art. 6 para. 1 lit. b) GDPR. The user's details may be stored in a customer relationship management system (CRM system) or a comparable enquiry organisation. The data you provide will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your enquiry has been processed). Mandatory statutory provisions - in particular retention periods - remain unaffected.

Purchase on account / credit check
For the purpose of credit checks for purchases on account, creditworthiness information is collected on the basis of mathematical-statistical procedures by Creditreform Schweiz, Teufener Strasse 36, 9001 St. Gallen and CRIF AG. Gallen and CRIF AG
Hagenholzstrasse 81, 8050 Zurich, Switzerland.

Comments
For the comment function on this page, in addition to your comment, information about the time the comment was created, your e-mail address and, if you are not posting anonymously, the user name you have chosen will be stored.

Storage of the IP address
Our comment function stores the IP addresses of users who post comments. As we do not check comments on our site before they are activated, we need this data in order to be able to take action against the author in the event of legal violations such as insults or propaganda.

Storage duration of comments
The comments and the associated data (e.g. IP address) are stored and remain on our website until the content commented on has been completely deleted or the comments have to be deleted for legal reasons (e.g. offensive comments).

Legal basis
Comments are stored on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time. All you need to do is send us an informal email. The legality of the data processing operations already carried out remains unaffected by the revocation.

For users who register on our website, we also store the personal information they provide in their user profiles. All users can view, change or delete their personal information at any time (the user name cannot be changed). Website administrators can also view and change this information.



Media
If you are a registered user and upload photos to this website, you should avoid uploading photos with an EXIF GPS location. Visitors to this website may download photos stored on this website and extract their location information.


Where we send your data
If we process data in a third country (i.e. outside the European Union or the European Economic Area) or if this occurs in the context of the use of third-party services or the disclosure or transfer of data to third parties, this will only take place if it is done to fulfil our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests.

Subject to legal or contractual authorisations, we only process or have the data processed in a third country if the special requirements of Art. 44 et seq. GDPR are met. This means, for example, that the processing takes place on the basis of special guarantees, such as the officially recognised determination of a level of data protection corresponding to the EU (e.g. for the USA through the "Privacy Shield") or compliance with officially recognised special contractual obligations (so-called "standard contractual clauses").


Online presence in social media
We maintain online presences within social networks and platforms in order to communicate with the customers, interested parties and users active there and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of the respective operators of these platforms apply.

Unless otherwise stated in our privacy policy, we process users' data if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.


Contact information
You can contact us at any time with data protection-related questions via our email.

How we protect your data
We take data protection very seriously. All data is technically protected by multiple system firewalls, two-factor authentication and various database protection mechanisms.

What measures we offer in the event of data breaches
We have various reporting systems and contact mechanisms in place to recognise, rectify and circumvent potential and actual data leaks.

4. analysis services
Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses so-called "cookies". These are text files that are stored on your computer and enable your use of the website to be analysed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

The storage of Google Analytics cookies is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising.



IP anonymisation
We have activated the IP anonymisation function on this website. This means that your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to analyse your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.



Browser plugin
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.



Objection to data collection
If you use several browsers, browser profiles or different computers or other devices with browsers, we would like to point out that any browser plugins or cookies that are intended to prevent the collection of data must be installed or set in each browser and browser profile on all devices that are to be excluded from the collection. These measures only ever take effect in the browser or browser profile for which they have been properly implemented.

Further information on the use of data by Google, setting and objection options can be found on the websites of

You can find more information on the handling of user data by Google Analytics in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.



Order data processing
We have concluded a contract with Google for commissioned data processing and fully implement the requirements of the data protection authorities when using Google Analytics.



Google reCAPTCHA
We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on our websites. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

The purpose of reCAPTCHA is to check whether the data input on our websites (e.g. in a contact form) is made by a human or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

Data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM.

Further information about Google reCAPTCHA and Google's privacy policy can be found at the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.

Google AdWords and Google Conversion Tracking
This website uses Google AdWords. AdWords is an online advertising programme of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States ("Google").

As part of Google AdWords, we use what is known as conversion tracking. When you click on an advert placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the Internet browser stores on the user's computer. These cookies lose their validity after 30 days and are not used to personally identify the user. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognise that the user has clicked on the ad and has been redirected to this page.

Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their advert and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in tracking, you can object to this use by easily deactivating the Google Conversion Tracking cookie via your Internet browser under user settings. You will then not be included in the conversion tracking statistics.

The storage of "conversion cookies" is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising.

You can find more information about Google AdWords and Google Conversion Tracking in Google's privacy policy: https://www.google.de/policies/privacy/.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.


5. plugins & tools
Embedded content from other websites
Posts on this website may contain embedded content (e.g. videos, images, posts, etc.). Embedded content from other websites behaves exactly as if the visitor had visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking services and record your interaction with this embedded content, including your interaction with the embedded content if you have an account and are logged in to this website.



Integration of third-party services and content
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR), we use content or service offers from third parties within our online offer. GDPR) content or service offers from third-party providers in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content").

This always presupposes that the third-party providers of this content recognise the IP address of the user, as they would not be able to send the content to their browser without the IP address. The IP address is therefore required to display this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Pixel tags can be used to analyse information such as visitor traffic on the pages of this website. The pseudonymised information may also be stored in cookies on the user's device and may contain technical information about the browser and operating system, referring websites, visit time and other details about the use of our online offering, and may be linked to such information from other sources.



YouTube
We integrate the videos of the platform "YouTube" of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

Privacy policy: https://www.google.com/policies/privacy/
Opt-out: https://adssettings.google.com/authenticated



Pinterest
On our website, we use social plugins from the social network Pinterest, which is operated by Pinterest Inc, 808 Brannan Street San Francisco, CA 94103-490, USA.

Privacy policy: https://policy.pinterest.com/de/privacy-policy
Opt-out: https://tools.google.com/dlpage/gaoptout



Google Maps
We integrate the maps of the "Google Maps" service of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Privacy policy: https://www.google.com/policies/privacy/
Opt-out: https://adssettings.google.com/authenticated



Google Fonts
We integrate the fonts ("Google Fonts") of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. For technical reasons, however, your IP address must be transmitted to Google so that the fonts can be transferred to your browser.

Privacy policy: https://www.google.com/policies/privacy/
Opt-out: https://adssettings.google.com/authenticated

Social media
Sharing content via plugins (Facebook, Google+1, Twitter & Co.)
The content on our pages can be shared on social networks such as Facebook, Twitter or Google+ in compliance with data protection regulations. This site uses a sharing tool for this purpose. This tool only establishes direct contact between the networks and users when the user actively clicks on one of these buttons.

This tool does not automatically transfer user data to the operators of these platforms. If the user is logged in to one of the social networks, an information window appears when using the social buttons of Facebook, Google+1, Twitter & Co. in which the user can confirm the text before sending it.

Our users can share the content of this page on social networks in compliance with data protection regulations without complete surfing profiles being created by the network operators.



Facebook plugins (Like & Share button)
Plugins of the social network Facebook, provider Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on our pages. You can recognise the Facebook plugins by the Facebook logo or the "Like" button on our site. You can find an overview of the Facebook plugins here: https://developers.facebook.com/docs/plugins/.

When you visit our pages, a direct connection is established between your browser and the Facebook server via the plugin. Facebook receives the information that you have visited our site with your IP address. If you click on the Facebook "Like" button while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. Further information on this can be found in Facebook's privacy policy at: https://de-de.facebook.com/policy.php.

If you do not want Facebook to be able to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.



Facebook remarketing
Within our online offer, so-called "Facebook pixels" of the social network Facebook, which is operated by Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are based in the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"), are used. With the help of the Facebook pixel, Facebook is able to determine the visitors to our website as a target group for the display of adverts, so-called "Facebook ads". Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our website. This means that with the help of the Facebook pixel, we want to ensure that our Facebook ads correspond to the potential interest of users and do not have a harassing effect. With the help of the Facebook pixel, we can also track the effectiveness of Facebook adverts for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook advert.

The Facebook pixel is integrated directly by Facebook when you visit our website and can save a so-called cookie, i.e. a small file, on your device. If you subsequently log in to Facebook or visit Facebook while logged in, your visit to our website will be noted in your profile. The data collected about you is anonymous to us, so it does not allow us to draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible. The data is processed by Facebook in accordance with Facebook's data usage policy. Accordingly, you can find more information on how the remarketing pixel works and how Facebook ads are displayed in general in Facebook's data usage policy: https://www.facebook.com/policy.php.

You can object to the collection by the Facebook pixel and use of your data to display Facebook ads. To do this, you can go to the page set up by Facebook and follow the instructions on the settings for usage-based advertising: https://www.facebook.com/settings?tab=ads or declare your objection via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are adopted for all devices, such as desktop computers or mobile devices.

Instagram plugin
Functions of the Instagram service are integrated on our pages. These functions are offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA 94025, USA.

If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Instagram.

Further information on this can be found in Instagram's privacy policy: https://instagram.com/about/legal/privacy/.


6. newsletter

Newsletter
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected, or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.
The data entered in the newsletter registration form is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the cancellation.
The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.

Newsletter - dispatch service provider
With the following information, we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedure and your rights of objection. By subscribing to our newsletter, you agree to receive it and to the procedures described.

Content of the newsletter
We only send newsletters, emails and other electronic notifications containing advertising information (hereinafter "newsletter") with the consent of the recipient or with legal authorisation. If the contents of the newsletter are specifically described when registering for the newsletter, they are decisive for the user's consent. Otherwise, our newsletters contain information about our services and offers.

Registration data
To subscribe to the newsletter, simply enter your e-mail address. Optionally, we ask you to enter a name so that we can address you personally in the newsletter.

Cancellation/revocation
You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter.

Newsletter - performance measurement
The newsletters contain a so-called "web-beacon", i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened or, if we use a dispatch service provider, from their server. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval, is initially collected.

This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behaviour based on their retrieval locations (which can be determined with the help of the IP address) or the access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our endeavour nor, if used, that of the mailing service provider to observe individual users. The analyses serve us much more to recognise the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.


Klaviyo
Our website uses Klaviyo, a marketing automation software from Klaviyo, 225 Franklin St, Boston, MA 02110, USA (http://www.klaviyo.com/). Klaviyo is a software company from the USA. Klaviyo helps us to analyse the use of our portal. Klaviyo uses cookies for this purpose.

Certain usage data is linked to your person (e.g. after entry in a registration form) and stored in our CRM. This enables us to send you information and offers that are specifically tailored to your interests.

Your personal data may also be forwarded to Klaviyo servers in the United States (USA). The appropriate level of protection is ensured by the fact that Klaviyo, Inc. participates in the EU-US Privacy Shield agreement and is certified for compliance with it.

We use Klaviyo to provide you with customised information and offers. Accordingly, we have a legitimate interest in this processing within the meaning of Art. 6 para. 1 lit. f) GDPR. The legal basis for the processing of your personal data by us in connection with the use of Klaviyo is Art. 6 para. 1 lit. f) General Data Protection Regulation.

When you use Klaviyo, we store your personal data for as long as is necessary to provide you with customised information and offers.

The provision of personal data collected via Klaviyo is not required by law or contract or necessary for the conclusion of a contract. If you do not provide us with this data, we will not be able to provide you with customised information and offers.

You can find more information on the use of data by Klaviyo in Klaviyo's privacy policy at: https://www.klaviyo.com/legal/privacy-notice.

You can object to the use of your data at any time, e.g. by sending an e-mail to our e-mail address in this privacy policy.

Klaviyo is certified under the terms of the "EU-U.S. Privacy Shield Framework" and is subject to TRUSTe's Privacy Seal and the "U.S.-Swiss Safe Harbor" Framework.

 

7. online shop

PayPal
The data controller has integrated PayPal components on this website. PayPal is an online payment service provider. Payments are processed via so-called PayPal accounts, which are virtual private or business accounts. PayPal also offers the option of processing virtual payments via credit cards if a user does not have a PayPal account. A PayPal account is managed via an e-mail address, which is why there is no classic account number. PayPal makes it possible to initiate online payments to third parties or to receive payments. PayPal also acts as a trustee and offers buyer protection services.

The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.

If the data subject selects "PayPal" as the payment option during the ordering process in our online shop, the data of the data subject is automatically transmitted to PayPal. By selecting this payment option, the data subject consents to the transfer of personal data required for payment processing.

The personal data transmitted to PayPal is usually first name, surname, address, email address, IP address, telephone number, mobile phone number or other data required for payment processing. Personal data that is necessary for processing the purchase contract is also data that is related to the respective order.

The purpose of transmitting the data is payment processing and fraud prevention. The controller will transmit personal data to PayPal in particular if there is a legitimate interest in the transmission. The personal data exchanged between PayPal and the controller may be transmitted by PayPal to credit reference agencies. The purpose of this transmission is to check identity and creditworthiness.

PayPal may pass on the personal data to affiliated companies and service providers or subcontractors if this is necessary to fulfil contractual obligations or if the data is to be processed on behalf of PayPal.

The data subject has the option to withdraw consent to the handling of personal data from PayPal at any time. A revocation does not affect personal data that must be processed, used or transmitted for (contractual) payment processing.

The applicable data protection provisions of PayPal may be retrieved under https://www.paypal.com/de/webapps/mpp/ua/privacy-full.



Shopify Payments
If you opt for the "credit card" payment method of the payment service provider Stripe, payment processing is carried out via the payment service provider Stripe Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland, to whom we pass on the information you provided during the ordering process together with information about your order (name, address, account number, bank code, credit card number if applicable, invoice amount, currency and transaction number). Your data will only be passed on for the purpose of payment processing with the payment service provider Stripe Payments Europe Ltd. You can find more information about Stripe's data protection at the URL https://stripe.com/de/terms

Stripe uses cookies to optimise the use of the Mollie checkout solution. The optimisation of the checkout solution constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. Cookies are small text files that are stored on your end device and do not cause any damage. They remain on your device until you delete them.

The transmission of your data to Stripe is based on Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. b GDPR (processing for the fulfilment of a contract). You have the option to withdraw your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations in the past



8. hosting
The hosting services we use serve to provide the following services

- Infrastructure and platform services,
- computing capacity,
- storage space and database services,
- security services and
- technical maintenance services that we use for the purpose of operating this online offering.


In doing so, we or our hosting provider process

- Inventory data,
- contact data,
- content data,
- contract data,
- usage data,
- meta and communication data

of customers, interested parties and visitors to this online offer on the basis of our legitimate interests in the efficient and secure provision of our online offers in accordance with Art. 6 para. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of order processing contract). Art. 28 GDPR (conclusion of order processing contract).



Collection of access data and log files
We, or our hosting provider, collect on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR, we or our hosting provider collect data about every access to the server on which this service is located (so-called server log files).

The access data includes

- the name of the website accessed or the respective subpage
- the file
- the date and time of access
- the amount of data transferred
- a message about the successful retrieval
- the browser type and version
- the user's operating system
- the referrer URL (the previously visited page or website)
- the IP address
- the requesting provider

Log file information is stored for security reasons (e.g. to investigate misuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is required for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified.



Provision of contractual services

We process:

- Inventory data (e.g. names and addresses as well as contact data of users) and
- Contract data (e.g. services used, names of contact persons, payment information)

for the purpose of fulfilling our contractual obligations and services in accordance with Art. 6 para. 1 lit b. GDPR.

The entries marked as mandatory in online forms are required for the conclusion of the contract.

The data will be deleted after the expiry of statutory warranty and comparable obligations. In the case of statutory archiving obligations, the deletion takes place after their expiry. Information in any customer account remains until it is deleted.