Go to homepage
0

Privacy

Privacy policy of Baum Selection

We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal rules of the relevant data protection laws, in particular the European Data Protection Regulation (DSGVO). This privacy notice relates to our digital offerings including our social media profiles. Our digital offers may contain links to other websites of third party service providers, to which this data protection notice does not refer.

 

1. Responsible

Responsible for the processing of your personal data is

Baum Selection
Konstantin Baum
Marktplatz 18
76530 Baden-Baden
info@baumselection.de

If you have any questions regarding data protection at our company, please write to us at the aforementioned postal address, with the addition "Data Protection" or at the e-mail address given with the subject "Data Protection".

 

2. Purpose of the processing of personal data

2.1 Data processing for the provision of contractual services

We process personal data in order to handle the contractual relationships and in order to be able to submit needs-based contractual offers.

For all forms, we only collect the personal data that is absolutely necessary for processing the contractual relationships or for your request for information. This information is marked with an asterisk. The collection of data that is not absolutely necessary, but in which we have an interest in order to optimize the fulfillment of the purpose, is only optional. In this case, you decide in each case on a voluntary basis whether and which data you want to give us. For contract processing, we may need your correct name, address and payment data. We ask for your e-mail address and telephone number so that we can communicate with you in case of questions or problems regarding our services or our contractual relationship.

The basis for the data processing is Art. 6 para. 1 p. 1 lit. b DSGVO, which allows the processing of data for the fulfillment of a contract or pre-contractual measures.

 

2.2 Customer area

On our website we offer the possibility to register for our customer area by providing personal data. For this purpose, we require the following information: First and last name, e-mail address and password.

The data in the customer area can be viewed, edited and deleted using your e-mail address and password. In case you have forgotten your password, you will find the link "Forgotten password" on the log-in page. You can enter a new password using your e-mail address. The personal data you enter will be processed in the context of using the customer area only to offer you the purchase of special wines. This can only be offered to registered users.

The basis for the data processing is Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

 

2.3 Data processing for communication with you

In addition to the contractual data, we process your communication data (name, address, telephone number and/or e-mail address) in order to process your inquiry and/or contact you, if necessary. Personal data that you provide to us by e-mail or via another communication channel opened by us will only be processed for correspondence with you or only for the purpose for which you have provided us with the data.

If you are interested in our services, the basis for data processing is Art. 6 (1) p. 1 lit. b DSGVO, which permits the processing of data for the performance of a contract or pre-contractual measures. Furthermore, we have an interest in processing and, if applicable, responding to your inquiry and the processing of your data for this purpose is based on Art. 6 (1) p. 1 lit. f DSGVO, which permits the processing of data to protect the legitimate interests of the controller, provided that the interests or fundamental rights and freedoms of the data subject are not overridden.

 

2.4 Comment function

On our blog, we offer you the opportunity to leave comments. When you submit a comment, in addition to your comment, information on the time of creation of the comment, the IP address assigned to you, your e-mail address and the name you provided will be stored. The comments and the associated aforementioned data are stored until the commented content has been completely deleted or the comments must be deleted for legal reasons. Since we may not check comments on our site before they are activated, we require this data in order to be able to take any necessary action in the event of legal violations such as insults or propaganda. We also reserve the right to delete comments if they are found to be illegal by third parties. The storage of the aforementioned data is also necessary for us, in particular, to be able to defend ourselves against liability claims in cases of possible publication of unlawful content. We need your e-mail address in order to contact you in the event that a third party should object to your comment as unlawful.

If you would like us to automatically recognize you the next time you visit our website, you can check this option below the comment function on some of our websites. A cookie required for this functionality will then be set on your computer (see our explanations in these data protection notes on cookies), in which no further personal data will be stored.

The basis for data processing is Art. 6 (1) sentence 1 lit. b DSGVO, which permits the processing of data for the performance of a contract or pre-contractual measures, or Art. 6 (1) sentence 1 lit. f DSGVO, which permits the processing of data to protect the legitimate interests of the controller, unless the interests or fundamental rights and freedoms of the data subject are overridden. We have an interest in reviewing and, if necessary, prosecuting illegal content on our website.

 

2.5 Newsletter

With your consent, you can subscribe to our newsletter, with which we inform you about our current interesting offers and news. If you would like to receive a newsletter offered by us, we require an e-mail address from you as well as information that allows us to verify that you are the owner:in the specified e-mail address and agree to receive the newsletter. For this purpose, we will send you an e-mail to the specified e-mail address with a confirmation link after your entry (double-opt-in). If you do not confirm your registration, your information will be blocked and automatically deleted after one month at the latest.

When you register, we store the data you provide and in each case your IP address, the time of registration and the time of confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data. We do not collect any other data in this context. We use this data exclusively for sending the requested newsletter.

For sending our newsletters, we use the services of MailChimp of the provider Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. MailChimp is a service with which, among other things, the sending of newsletters can be organized and analyzed. When you enter data for the purpose of receiving newsletters (e.g. e-mail address), this data is stored on MailChimp's servers in the USA. With the help of MailChimp, we can analyze our newsletter campaigns. When you open an email sent with MailChimp, a file contained in the email (so-called web-beacon) connects to the servers of MailChimp in the USA. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked. In addition, technical information is recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. For more details, please refer to the privacy policy of MailChimp at: https://mailchimp.com/legal/privacy/.

Important in connection with data processing in the USA: The data protection standard in the USA is insufficient according to the European Court of Justice and there is a risk that your data will be processed by US authorities, for control and monitoring purposes and possibly without any legal remedy.

The data processing described above is based on your consent pursuant to Art. 6 para. 1 lit. a DSGVO in conjunction with. Art. 49 para. 1. p. 1 lit. a DSGVO. You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation. The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of MailChimp after you unsubscribe from the newsletter.

 

2.6 Cookies

We may use so-called cookies to provide you with website-specific services. Cookies are small text files that are stored on a visitor's computer and contain data about the respective user in order to provide access to various functions. 

Websites may use both session cookies and persistent cookies. A session cookie is temporarily stored on the computer you are using while you navigate through the website. A session cookie is deleted as soon as you close your Internet browser or as soon as your session has expired after a certain period of time. A persistent cookie remains on your computer until it is deleted.

We may work with third parties on some of our offers and therefore cookies from partner companies may also be stored when you visit such a website (third-party cookies). We may inform you in advance about the use of such cookies and the scope of the data stored or retrieved in each case. Supplementary information on the cookies used in each case can be obtained from the cookie tool used by us and the explanations provided there.

We use cookies that are necessary to enable us to provide the services owed by us or to ensure the functionality of our services. The legal basis for setting these cookies is Section 25 (2) No. 2 TDDDG.  The processing of personal data possibly carried out in this context is then based on Art. 6 para. 1 p. 1 lit. b DSGVO, which permits the processing of data for the performance of a contract or pre-contractual measures, or according to Art. 6 para. 1 p. 1 lit. f DSGVO, which permits data processing to safeguard the legitimate interests of the controller, unless the interests or the fundamental rights and freedoms of the data subject outweigh the interest of the controller in the data processing. Our interest then lies in ensuring the provision of the functions of our services.

For the use of other, non-essential cookies, we may obtain your consent. The setting of cookies is then based on your consent pursuant to Section 25 (1) TDDDG, any processing of personal data carried out in this context pursuant to Art. 6 (1) p. 1 lit. a DSGVO. You can revoke your consent at any time - among other things via the cookie tool integrated by us. The legality of the data processing already carried out on the basis of your consent remains unaffected by the revocation.

 

2.7 etracker

The provider of this website uses the services of etracker GmbH, Hamburg, Germany (www.etracker.com) to analyse usage data. We do not use cookies for web analysis by default. If we use analysis and optimisation cookies, we will obtain your explicit consent separately in advance. If this is the case and you agree, cookies are used to enable a statistical range analysis of this website, a measurement of the success of our online marketing measures and test procedures, e.g. to test and optimise different versions of our online offer or its components. Cookies are small text files that are stored by the Internet browser on the user's device. etracker cookies do not contain any information that could identify a user.

The data generated by etracker on behalf of the provider of this website is processed and stored by etracker solely in Germany by commission of the provider of this website and is thus subject to the strict German and European data protection laws and standards. In this regard, etracker was independently checked, certified and awarded with the ePrivacyseal data protection seal of approval.

The data processing is based on Art. 6 Section 1 lit f (legitimate interest) of the General Data Protection Regulation (GDPR). Our legitimate interest is the optimisation of our online offer and our website. As the privacy of our visitors is very important to us, the data that may possibly allow a reference to an individual person, such as IP address, registration or device IDs, will be anonymised or pseudonymised as soon as possible. etracker does not use the data for any other purpose, combine it with other data or pass it on to third parties.

You can object to the outlined data processing at any time by clicking on the slider. The objection has no disadvantageous consequences. If no slider is displayed, the data collection is already prevented by other blocking means.

Further information on data protection with etracker can be found here.


2.8 Google Analytics

On some of our web pages, Google Analytics may be used, integrated via the Google Tag Manager, a web analysis service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as "Google"), provided that you have consented to this data processing. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. 

However, since IP anonymization is activated on our website in the case of the use of Google Analytics, your IP address will be truncated beforehand by Google within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google LLC server in the USA and shortened there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage.

For more information on terms of use and data protection, please visit http://www.google.com/analytics/terms/de.html or https://www.google.de/intl/de/policies/ . We would like to point out once again that on this website Google Analytics has been extended by the code "anonymizeIp" to ensure anonymized collection of IP addresses (so-called IP masking).

Important in connection with data processing in the USA: According to the European Court of Justice, the data protection standard in the USA is insufficient and there is a risk that your data will be processed by US authorities, for control and monitoring purposes and possibly without any legal remedy.

The data processing explained above may be based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO in conjunction with. Art. 49 para. 1. p. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future. You can declare the revocation by making the appropriate setting in the consent management tool used, if applicable. The legality of the data processing operations already carried out remains unaffected by the revocation.

 

2.9 Data processing in the context of our Facebook- and Instagram- pages

We operate a company page (fan page) on the social network facebook.com ("Facebook") and a page/profile on the social network Instagram ("Instagram") of the company Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. For the operation of the aforementioned page, we are jointly responsible with Meta Platforms Ireland Limited ("Meta") within the meaning of Art. 4 No. 7 DSGVO. Linked here you will find Facebook's terms of use and policies as well as the joint responsibility agreement according to Art. 26 DSGVO.

For the type and scope of the information you provide, the associated purposes of the data processing, its lawfulness and information on exercising your rights, please refer to Facebook's privacy policy, as well as further information provided by Meta on the processing of "Insights data" (see above). Meta provides us with so-called page insights for our site. Page Insights (including https://www.facebook.com/business/a/page/page-insights) are aggregated data that allow us to gain insight into how people interact with our site. The generation and provision of these page insights is the responsibility of Facebook, we have no influence on it. This also applies to the data processing, which is carried out exclusively for the purposes of Meta Platforms Ireland Limited. Meta also assumes all obligations under the GDPR with regard to the processing of Insights data (including Articles 12 and 13 GDPR, Articles 15 to 22 GDPR and Articles 32 to 34 GDPR).

The purpose of the data processing of the provided data by us is the statistical evaluation of the use of our company pages. This enables us, for example, to determine preferred visiting and posting times of our users and to use them for the optimization of our posts and our company pages. In addition, we process personal data made publicly available by you there (e.g., clear names in the user profile) as well as data directly related to activities on our company pages (e.g., contributions, posts, likes, marks), also for the purpose of communicating with you.

The basis for data processing is Art. 6 (1) p. 1 lit. b DSGVO, which permits the processing of data for the performance of a contract or pre-contractual measures, insofar as the data are processed in accordance with the Facebook or Instagram terms of use, otherwise, insofar as there is a data protection responsibility on our part, Art. 6 (1) p. 1 lit. f DSGVO, which permits the processing of data for the protection of the legitimate interests of the controller, insofar as the interests or fundamental rights and freedoms of the data subject are not overridden. Our interest lies in providing content and communicating with users of thesocial networks and improving the reach and effectiveness of our posts.

Please assert your rights to information, correction, deletion, restriction of processing and data portability of your stored Insights data against Meta, as Meta has assumed the corresponding obligations:

Meta Platforms Ireland Limited

4 Grand Canal Square
Dublin 2, Irland

Datenschutzerklärung: https://www.facebook.com/about/privacy/

 

2.10 Data processing in the context of our LinkedIn company page

We operate a company page in the social network linkedin.com of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn") and are provided with so-called page analytics by LinkedIn with regard to our services. We are jointly responsible with LinkedIn for this operation of the LinkedIn company page within the meaning of Art. 26 DSGVO.

For the type and scope of information provided to LinkedIn, the associated purposes of data processing by LinkedIn, its lawfulness, and information on exercising your rights, please refer to LinkedIn's privacy policy at the URL https://www.linkedin.com/legal/privacy-policy and the joint responsibility agreement, which can be found at the URL https://legal.linkedin.com/pages-joint-controller-addendum. Page Analytics is aggregated data that allows us to learn about how people interact with our site. The generation and provision of these page analytics is the responsibility of LinkedIn, we have no influence on it. LinkedIn assumes all obligations under the GDPR with regard to the processing of insights data (including Articles 12 and 13 GDPR, Articles 15 to 22 GDPR and Articles 32 to 34 GDPR).

The purpose of the data processing by us of the data provided by LinkedIn is the statistical evaluation of the use of our company page. This enables us, for example, to determine preferred visiting and posting times of our users and to use this data to optimize our posts and our company page. In addition, we process personal data made publicly available by you on LinkedIn (e.g., clear names in the user profile) as well as data directly related to activities on our company page (e.g., contributions, posts, likes, marks), also for the purpose of communicating with you.

The basis for the above data processing is Art. 6 para. 1 p. 1 lit. a DSGVO. Insofar as you have given corresponding consent to LinkedIn, you can revoke this consent at any time vis-à-vis LinkedIn with effect for the future. Insofar as you have given us consent in this regard, you can revoke this consent at any time vis-à-vis us with effect for the future. Otherwise, the basis for our data processing is Art. 6 (1) p. 1 lit. f DSGVO, which permits the processing of data to protect the legitimate interests of the controller, provided that the interests or fundamental rights and freedoms of the data subject are not overridden. Our interest lies in providing content and communication with LinkedIn users and in improving the reach and effectiveness of our posts.

Please assert your rights to information, correction, deletion, restriction of processing and data portability of your stored Insights data against LinkedIn, as LinkedIn has assumed the corresponding obligations:

LinkedIn Ireland Unlimited Company

Wilton Place
Dublin 2
Irland

Datenschutzerklärung https://www.linkedin.com/legal/privacy-policy

 

2.11 Online presences in other social networks

We may have established online presences in other social networks in order to be able to communicate with you, interested parties and customers via these and to provide information about our services and current offers. In addition to our interaction with you, the social networks process data of visitors to their websites for the purpose of market research and advertising, i.e. a user profile may be created by the respective operator of the social network from the respective visit or usage behavior and preferences and interests of a visitor derived therefrom. Such user profiles can be used, among other things, to display advertisements to users individually adapted to the respective user profile within the respective social network and possibly on other websites. In the process, cookies (see above) may be stored on visitors' devices, which can be used to collect data on usage behavior. The collection of this data can also be realized across several browsers and/or end devices used by a user, especially in the case of logged-in members of the respective social network. Even if a visitor does not have a profile with the respective social network, it cannot be ruled out that personal data about this visitor will be stored by visiting the respective website.

Requests for information regarding the data stored via our online presences in social networks or the exercise of other relevant data subject rights (see below) can be directed to the provider of the respective service. Only the providers of the social networks have access to the respective data stored there and can provide the relevant information, etc. With regard to the purpose and scope of data processing by the various social networks, we refer additionally to their respective data protection notices and the respective contact options:

Twitter Inc.

One Cumberland Place
Fenian Street
Dublin 2, D02 AX07, Ireland

Datenschutzerklärung: https://twitter.com/de/privacy

Opt-out: https://twitter.com/personalization

 

New Work SE

Am Strandkai 1
20457 Hamburg
Deutschland

Datenschutzerklärung: https://privacy.xing.com/de/datenschutzerklaerung

 

Pinterest Europe Ltd.

Palmerston House, 2nd Floor
Fenian Street
Dublin 2, Irland

Datenschutzerklärung: https://policy.pinterest.com/de/privacy-policy

 

Snap Group Limited

7-11 Lexington Street
London, United Kingdom, W1F 9AF

Datenschutzerklärung: https://www.snap.com/en-US/privacy/privacy-policy/

 

Die Verarbeitung von Daten im Kontext unserer Onlinepräsenzen in sozialen Netzwerken erfolgt soweit unsererseits eine datenschutzrechtliche Verantwortlichkeit besteht aufgrund unseres berechtigten Interesses an der effektiven Information und direkten Kommunikation mit Interessenten und Kunden unseres Unternehmens. Grundlage für die Datenverarbeitung ist Art. 6 Abs. 1 S. 1 lit. f DSGVO, der die Verarbeitung von Daten zur Wahrung berechtigter Interessen des Verantwortlichen gestattet, sofern die Interessen oder Grundrechte und Grundfreiheiten des Betroffenen nicht überwiegen. Unser Interesse liegt in der Bereitstellung von Inhalten und der Kommunikation mit Nutzern der jeweiligen sozialen Netzwerke sowie in der Verbesserung der Reichweite und Wirksamkeit unserer Beiträge.

 

2.12 YouTube

On some of our web pages, we may use videos or plugins from YouTube. The operator of YouTube is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

As soon as you start a YouTube video on our website, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. Furthermore, YouTube can save various cookies on your end device after starting a video. With the help of these cookies, YouTube can obtain information about visitors to our website. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts. The cookies remain on your terminal device until you delete them.

After starting a YouTube video, additional data processing operations may be triggered over which we have no control. Among other things, a connection to the Google DoubleClick network may be established and your personal data may be processed in the USA in this context. You can find more information about data protection at YouTube in their data protection declaration at: https://policies.google.com/privacy?hl=de . For the use or activation of the YouTube functionality, we may request your consent.

Important in connection with data processing in the U.S.: The data protection standard in the U.S. is insufficient according to the European Court of Justice and there is a risk that your data will be processed by U.S. authorities, for control and monitoring purposes and possibly without any legal remedy.

If you have consented to our use of YouTube and the associated data processing, the data processing and, if applicable, the storage of YouTube cookies is based on your consent pursuant to Art. 6 para. 1 sentence 1 lit. a DSGVO in conjunction with. Art. 49 para. 1. p. 1 lit. a DSGVO and § 25 para. 1 TDDDG. You can revoke your consent at any time with effect for the future. The legality of the data processing already carried out on the basis of your consent remains unaffected by the revocation.

 

2.13 Data processing for job applications

You can send us applications for positions in our company via our websites and our contact data stored there. Insofar as personal data is transmitted to us by you in this way or in any other way when you apply, we will process your data for the purpose of reviewing, processing and responding to your application and, if necessary, for preparing the employment relationship.

The basis for the data processing is either Art. 88 (1) DSGVO, Section 26 (1) BDSG (new) which permits the processing of data for the decision on the establishment, for the establishment as well as for the implementation of employment relationships or - if you have given your consent - Art. 6 (1) p. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing operations already carried out remains unaffected by the revocation.

 

2.14 Data processing for the protection of legitimate interests

We may also process your data if it is necessary to protect legitimate interests of us or of third parties. This may be the case in particular to ensure IT security and IT operations, especially in the case of support requests, to be able to trace and prove facts in the event of legal disputes and to statistically evaluate the use of our website. The basis for the data processing is then Art. 6 para. 1 p. 1 lit. f DSGVO.

 

2.15 Other data processing based on your consent

It may also happen that we request your consent for the processing of personal data. Any granting of consent and the relevant data processing in each case is on a voluntary basis and in the event of non-consent, you will not suffer any disadvantages as a result.

The data processing is then based on your consent pursuant to Art. 6 para. 1 sentence 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future. An informal communication to us is sufficient for this purpose. The legality of the data processing operations already carried out remains unaffected by the revocation.

 

2.16 Log files

Each time our websites are accessed, usage data is transmitted by the respective Internet browser and stored in log files, the so-called server log files. The data records stored in this process contain the following data: Browser type and browser version, operating system used, referrer URL, time of server request and (shortened) IP address.

This data cannot be assigned to specific persons. A combination of this data with other data sources is not made. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.

The basis for data processing is Art. 6 (1) p. 1 lit. f DSGVO, which permits the processing of data to protect the legitimate interests of the controller, provided that the interests or fundamental rights and freedoms of the data subject are not overridden. We have an interest in the prosecution, prevention and punishment of unlawful use of our offer.

 

2.17 Data processing for the handling of payments via PayPal

On our website we offer, among other things, payment via PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). If you select payment via PayPal, the payment data you enter will be transmitted to PayPal.

The transmission of your data to PayPal is based on Art. 6 para. 1 p. 1 lit. b DSGVO, which allows the processing of data for the performance of a contract or pre-contractual measures.

 

2.18 Data processing for the processing of payments via Sofortüberweisung.

On our website, we may offer payment via "Sofortüberweisung". The provider of this payment service is Sofort GmbH, Theresienhöhe 12, 80339 Munich (hereinafter "Sofort GmbH"). With the help of the "Sofortüberweisung" procedure, we receive a payment confirmation from Sofort GmbH in real time and can immediately begin to fulfill our obligations. If you have chosen the payment method "Sofortüberweisung", you transmit the PIN and a valid TAN to Sofort GmbH, with which it can log into your online banking account. After logging in, Sofort GmbH automatically checks your account balance and carries out the transfer to us using the TAN you have transmitted. It then immediately sends us a transaction confirmation. After logging in, it also automatically checks your turnover, the credit line of the overdraft facility and the existence of other accounts and their balances. In addition to the PIN and the TAN, the payment data you have entered as well as data about yourself are also transmitted to Sofort GmbH. Your personal data includes your first and last name, address, telephone number(s), email address, IP address and, if necessary, other data required for payment processing. The transmission of this data is necessary to establish your identity beyond doubt and to prevent fraud attempts. Details on payment with Sofortüberweisung can be found in the following links: https://www.sofort.de/datenschutz.html and https://www.klarna.com/sofort/ .

The transmission of your data to Sofort GmbH is based on Art. 6 para. 1 p. 1 lit. b DSGVO, which allows the processing of data for the fulfillment of a contract or pre-contractual measures.

 

2.19 Data processing for the processing of payments via PayOne

On our website, we offer payment by credit card via the "PayOne" service. BS PAYONE GmbH, Lyoner Straße 9, 60528 Frankfurt/Main (hereinafter "PayOne") is responsible for processing credit card payments and, if applicable, other payment options via "PayOne". If you have opted for these payment methods, your data will be transmitted to PayOne. The personal data transmitted to PayOne is usually your first name, last name, address, e-mail address, IP address, telephone number, cell phone number, if applicable, or possibly other data required for payment processing. Details on data protection at PayOne can be found here: https://www.payone.com/datenschutz/

The transfer of your data to PayOne is based on Art. 6 para. 1 p. 1 lit. b DSGVO, which allows the processing of data for the performance of a contract or pre-contractual measures.


2.20 Data processing for the handling of payments via GiroPay

On our website, we may offer payment via "GiroPay". GiroPay is a company of GiroPay GmbH, An der Welle 4 60322 Frankfurt/Main. If you select "GiroPay" as a payment option during the ordering process in our online store, your data will be transmitted to GiroPay. The personal data transmitted to GiroPay are usually first name, last name, address, e-mail address, IP address, phone number, cell phone number or other data necessary for payment processing. Details on data protection at GiroPay can be found here: https://www.giropay.de/rechtliches/datenschutz-agb/ .

The transfer of your data to GiroPay GmbH is based on Art. 6 para. 1 lit. b DSGVO, which allows the processing of data for the performance of a contract or pre-contractual measures.

 

2.21 Transmission of data on outstanding receivables to collection service providers

If an open invoice is not paid despite repeated reminders, we may transfer the data required to carry out a debt collection (name, address, e-mail address, company details and, if applicable, contract and claim data) to a debt collection service provider for the purpose of selling the open claims and for the purpose of debt collection and debt collection processing. When the outstanding receivables are sold, this service provider then becomes the owner of the receivable and asserts the receivable in its own name. We work with the following collection service providers: atriga GmbH, Pittlerstr. 47, DE 63225 Langen, www.atriga.com .

The processing of the data is based on the legal basis in Art. 6 para. 1 p. 1 Iit. b DSGVO and Art. 6 para. 1 p. 1 Iit. f DSGVO. Transfers on the basis of Art. 6 Iit. f DSGVO may only take place insofar as this is necessary to safeguard the legitimate interests of our company and insofar as the interests of the data subject, which require the protection of personal data, do not prevail.

 

2.22 Data processing for the fulfillment of legal obligations

In addition, we process your data for the fulfillment of legal obligations (e.g. regulatory requirements, commercial and tax law retention and verification obligations).

The basis for data processing is Art. 6 (1) p. 1 lit. c DSGVO, which permits processing for the fulfillment of a legal obligation.

 

3. recipients of personal data

Your personal data will only be disclosed or otherwise transferred to third parties if this is necessary for the purpose of contract processing or billing, or if you have given your prior consent, or if there is a legal basis for the disclosure.

Service providers who support us in the context of the aforementioned processing of your data are Mittwald CM Service GmbH & Co. KG, Königsberger Straße 4-6, 32339 Espelkamp (server hosting provider), Rheingans GmbH, Obernstraße 1b, 33602 Bielefeld (software development & support) and, where applicable, other sales and marketing partners, software (SaaS) providers, IT service providers, in particular service providers for software and hardware maintenance, and e-mail service providers.

 

4. Duration of data storage

As a matter of principle, we delete your data as soon as it is no longer required for the above-mentioned purposes, unless temporary storage is still necessary. For example, we store your data on the basis of legal obligations to provide proof and to retain data, which result, among other things, from the German Commercial Code and the German Fiscal Code. The storage periods are then up to ten full years. In addition, we retain your data for the period in which claims can be asserted against our company (statutory limitation period of three or up to thirty years).

 

5. Data security

Your personal data is transmitted securely by us using encryption. We use the SSL (Secure Socket Layer) coding system for this. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. Furthermore, we secure our websites and other systems by technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons.

 

6. Data subject rights

Within the framework of the applicable legal provisions, you have the right at any time to free information about your personal data stored by us, its origin and recipient and the purpose of data processing and, if applicable, a right to correction or deletion of this data.

For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time using the contact details listed in section 1.

You may furthermore have a right to restrict the processing of your data as well as a right to have the data you have provided us with returned to you in a structured, common and machine-readable format.

If you have given us consent to process personal data for specific purposes, you may revoke your consent at any time with effect for the future. If we process your data to protect legitimate interests, you may object to this processing on grounds relating to your particular situation. If we cannot demonstrate compelling legitimate grounds for further processing that override your interests, rights and freedoms, or if we process the relevant data from you for the purpose of direct marketing, we will then no longer process your data.

In addition, you have the option of contacting a data protection supervisory authority (right of complaint).

 



This website uses cookies to ensure the best experience possible. More information...