.svg)
Data Privacy
Below we provide you with information about the processing of your personal data by us. Personal data within the meaning of Art. 4 GDPR are all information relating to an identified or identifiable natural person (such as name, address, telephone number, email, invoices, bank details, etc., as well as your user behavior).
Inhalt
1. Contact details
2. Legality of processing personal data
3. Collection and storage of personal data, as well as the nature and purpose of their use
4. Storage period and data deletion
5. Disclosure of data to third parties
6. Hosting
7. Cookies
8. Payment service providers
9. Credit checks
10. Analysis services
11. Social media services
12. Other online services
13. Rights of data subjects
14. Right to object
15. Data security
16.Timeliness and changes to this privacy policy
1. Contact details
This privacy information applies to data processing by the following responsible party:
Responsible Person: Harald Pach
Adress: Untere Kirchstr. 4/2, 74343 Sachsenheim
Email: ecommerce@pach-systems.de
Telephone: 07147-220009
Fax: 07147-220010
2. Legality of processing personal data
We generally only collect and use personal data of our users to the extent necessary to provide a functional website as well as our content and services. The collection and use of personal data of our users is usually based on the user's consent. An exception applies in cases where obtaining prior consent is not possible for factual reasons or where the processing of data is permitted by legal regulations.
According to Article 6 of the General Data Protection Regulation (GDPR), the processing of personal data is lawful if one or more of the following points are met:
- You have given your explicit consent to the processing in accordance with Art. 6(1)(a) GDPR.
- The processing is necessary for the performance of a contract with you or for the implementation of pre-contractual measures in response to your request, in accordance with Art. 6(1)(b) GDPR.
- The processing is necessary to fulfill a legal obligation on our part in accordance with Art. 6(1)(c) GDPR.
- The processing is necessary to protect your vital interests or those of another natural person, in accordance with Art. 6(1)(d) GDPR.
- The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us in accordance with Art. 6(1)(e) GDPR.
- The processing is necessary for the purposes of legitimate interests pursued by us or a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require the protection of personal data, in accordance with Art. 6(1)(f) GDPR.
3. Collection and storage of personal data, as well as the nature and purpose of their use
As part of the use of our website, we may process personal data of users of our website (which may include customers, prospective customers, and visitors to our website), such as contact details, usage data, and communication data. This is done, among other things, for the purpose of providing a functioning online offering, communicating with users of our website, processing contact or customer inquiries, and for the purpose of contract fulfillment. Furthermore, data may be collected and processed for marketing purposes.
The following sections will inform you about the data that may be collected from you and the purposes for which it may be collected and processed.
When visiting the website:
When you access our website, information is automatically sent to the server of our website by the browser used on your end device. These pieces of information are temporarily stored in a so-called logfile. The following information can be collected and stored automatically until automated deletion, without your intervention:
- IP address of the requesting computer
- Date and time of access
- Content of the request (specific page)
- Name and URL of the accessed file
- Access status/HTTP status code
- Amount of data transferred
- Website from which the access originated (referrer URL)
- Used browser and, if applicable, your computer's operating system, as well as the name of your access provider
- Language and version of the browser software
The mentioned data, if collected, are processed by us for the following purposes:
- Ensuring a smooth connection establishment of the website
- Ensuring a comfortable use of our website
- Evaluation of system security and stability
- Other administrative purposes
The legal basis for data processing is Art. 6(1)(f) of the General Data Protection Regulation (GDPR). Our legitimate interest arises from the purposes of data collection listed above. Under no circumstances do we use the collected data to draw conclusions about your person.
Furthermore, when visiting our website, we may use cookies and online services. For further explanations, please refer to this privacy policy.
Contract initiation/contract fulfillment:
We process personal data that we receive in the context of pre-contractual inquiries and in the context of our business relationship. For example, the following personal data may be collected and processed by us: salutation, first name and last name, address, telephone number, email address, IBAN/credit card number including verification digit (only if necessary for payment processing).
Furthermore, data may be disclosed to third parties (see section 5 "Disclosure of data to third parties" in this privacy policy).
The processing and storage of your transmitted data are based on Art. 6(1)(b) GDPR for the purpose of contract fulfillment or the performance of pre-contractual measures. In other cases, we process and store your data based on your consent according to Art. 6(1)(a) GDPR and our legitimate interest in processing the inquiry directed to us according to Art. 6(1)(f) GDPR.
When using our contact form:
For any kind of inquiries, we offer you the opportunity to contact us via a form provided on the website. The provision of a first name, last name, and valid email address is required so that we know who the request comes from and to be able to respond to it. Optionally, a telephone number can be provided. The processing and storage of your transmitted data are based on Art. 6(1)(b) GDPR for the purpose of processing your inquiry. Furthermore, we process your data based on your consent according to Art. 6(1)(a) GDPR and our legitimate interest in processing the inquiry directed to us according to Art. 6(1)(f) GDPR.
When creating a customer account:
You have the option to register with us and create a customer account. The required data (such as name, address, and email) are marked accordingly and can be found in the input mask. In the customer account, your personal data is stored for the purpose of not having to enter this data again during a later visit to our website and when placing further orders, thus simplifying the ordering process. The customer account is protected by a password chosen by you. You can delete your customer account at any time and revoke your consent, resulting in the irrevocable deletion of the data stored in the customer account, unless there are legal retention periods to the contrary. To do so, a message to the contact details provided in the legal notice is sufficient (also possible via email).
Processing and storage of your transmitted data is based on Article 6(1)(a) of the General Data Protection Regulation (GDPR) with your previously given consent and on the basis of Article 6(1)(b) GDPR for the fulfillment of the contract.
4. Storage period an data deletion
We generally store personal data only for as long as the purpose for which you entrusted us with the data is fulfilled. Afterward, the data is permanently deleted. However, if there are legal retention periods for the storage of personal data, we store the data for as long as we are legally obligated to do so. Such obligations regularly arise from legal retention and documentation requirements, which are, among others, regulated in the Commercial Code and the Tax Code, for example, ten years for tax purposes.
After the expiration of the statutory retention period, the data is permanently deleted. A consent given for the processing and storage of your personal data in accordance with Article 6(1)(a) GDPR can be revoked at any time, resulting in the permanent deletion of the data unless there are legal retention periods.
Further rights that allow you to prohibit the processing of your personal data by us are derived from Article 21(1) and (2) GDPR. Information on the right to object resulting from this can be found in this privacy policy under Section 14 "Right to Object."
5. Disclosure to third parties
We only disclose your personal data to third parties if:
- You have given your express consent in accordance with Article 6(1)(a) GDPR,
- The disclosure is necessary for the purposes of our legitimate interests or the legitimate interests of a third party, based on Article 6(1)(f) GDPR, such as exercising, defending, or asserting legal claims, unless your interests or fundamental rights and freedoms that require the protection of personal data override those interests,
- There is a legal obligation for the disclosure in accordance with Article 6(1)(c) GDPR,
- In accordance with Article 6(1)(b) GDPR, it is necessary for the processing of payments to the payment service provider responsible for the payment processing and, based on Article 6(1)(f) GDPR, within the scope of our legitimate interests to offer reliable and secure payment processes,
- It is legally permissible and necessary for the processing of contractual relationships with you in accordance with Article 6(1)(b) GDPR, such as the disclosure of address data to a shipping company. Similarly, data can be disclosed to a dropshipper who then sends the goods to you on our behalf. If you order goods to be sent to a different address than yours, this is done based on our legitimate interests according to Article 6(1)(f) GDPR in the proper fulfillment of the contractual relationship.
If necessary, a data processing agreement in accordance with Article 28(3)(1) GDPR has been concluded with the service provider involved.
In the event that personal data of the customer is processed in a third country (outside the EU), this is done within the scope of the customer's previously given consent, for the fulfillment of the contract, or due to existing legal obligations. Any possible transfer will be made in compliance with the legal requirements. In this regard, the provisions of Articles 44 to 49 GDPR apply in particular.
6. Hosting
This website is hosted by an external service provider. Personal data collected on this website is stored on the servers of the hosting provider, possibly in the United States. This may include IP addresses, contact inquiries, communication data, contract data, contact details, website access, and other data generated through a website. Our hosting provider will process your data only to the extent necessary to fulfill its contractual obligations and will comply with our instructions regarding this data. An order processing agreement in accordance with Article 28(3) sentence 1 of the GDPR has been concluded with the hosting provider.
The use of the hosting service is for the purpose of fulfilling contracts with our potential and existing customers in accordance with Article 6(1)(b) of the GDPR and in the interest of a secure, fast, and efficient provision of our online offerings in accordance with Article 6(1) sentence 1(f) of the GDPR.
Hosting provider:
ALL-INKL.COM
We host our website with the following service provider: ALL-INKL.COM - Neue Medien Münnich, Hauptstraße 68, D-02742 Friedersdorf, Germany.
Further information on the privacy policy of ALL-INKL.COM can be found at:
https://all-inkl.com/datenschutzinformationen/
7. Cookies
We use cookies on our website. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your end device and do not contain any viruses, trojans, or other malware. The cookie stores information that is related to the specific end device used.
Essential cookies that ensure the smooth functioning of the website and do not require consent are used. The use of these cookies is intended to make your use of our offerings more pleasant. For example, we use so-called session cookies. A session ID is generated, which assigns the user to the session and is temporarily stored. This allows multiple windows of our website to be opened and assigned to the same user, and login data or the contents of the shopping cart to be retained. Session cookies are deleted when you close your browser.
We may also use functional cookies. These cookies store the settings made during your last visit to the website, such as language selection or internal bookmarks, so that they do not need to be selected again. This allows future visits to our website to be more user-friendly.
Furthermore, performance cookies may be used. These cookies contain information about how our website is used. For example, we can determine how often and how long our website is visited and which subpages are accessed. This allows us to see which areas of our website are particularly interesting to users. Performance cookies enable the analysis of your browsing behavior for the purpose of optimizing our online offerings. They do not allow conclusions to be drawn about you as a user.
Marketing cookies from third-party providers may be set on your end device. The purpose of this is to analyze user behavior across multiple websites over an extended period of time for online marketing purposes and to place personalized advertisements accordingly.
You can configure your browser settings according to your preferences and refuse the acceptance of cookies. However, we would like to point out that in this case, you may not be able to use all functions of this website.
The use of cookies is based either on your consent according to Article 6(1) sentence 1(a) of the GDPR or on our legitimate interests in a functioning website according to Article 6(1) sentence 1(f) of the GDPR.
8. Payment service providers
The processing of personal data by a payment service provider is based on Article 6(1) sentence 1(b) of the GDPR for the purpose of contract processing and only to the extent necessary, as well as on our legitimate interests according to Article 6(1) sentence 1(f) of the GDPR in being able to offer reliable and secure payment processes. The responsibility for the data protection-compliant handling of the data collected and processed by the payment provider lies with the respective payment provider.
9. Credit checks
In the case of the payment method "invoice," we may, based on Article 6(1)(f) of the GDPR, retrieve credit information from specialized financial service companies (credit agencies) for the purpose of credit checks and credit monitoring when concluding contracts. This interest is considered legitimate under the aforementioned provision. The processing of data stored by the respective credit agency is carried out for the protection of creditors and creditworthiness, which regularly outweighs your interests, rights, and freedoms, or serves the assertion, exercise, or defense of legal claims.
10. Analysis Services
The tracking measures listed below, which we use, are carried out based on your consent according to Article 6(1)(a) of the GDPR or our legitimate interests according to Article 6(1)(f) of the GDPR. With the tracking measures used, we want to ensure a needs-based design and continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and evaluate it for the purpose of optimizing our offering for you. If necessary, a data processing agreement pursuant to Article 28(3)(1) of the GDPR has been concluded with the service provider. The responsibility for the privacy-compliant operation lies with their respective providers.
You can prevent the storage of cookies by adjusting your browser software accordingly. However, please note that in this case, you may not be able to use all functions of this website to their full extent. Unless otherwise specified regarding the storage period, the data will be stored for a period of two years and then deleted.
Google Analytics
We use Google Analytics on our website. The responsible company is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses "cookies" (see section 7 "Cookies") to generate information about the use of this website, which is transmitted directly to Google's servers, possibly in the United States, and stored there. We have enabled IP anonymization on this website, so that the IP address from Google is shortened within member states of the European Union or other parties to the Agreement on the European Economic Area before being transmitted. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and shortened there. On behalf of the operator of this website, Google will use this information to evaluate the use of the website, compile reports on website activities, and provide further services related to website use and internet use to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be associated with any other data held by Google.
The storage period for the collected personal data is 14 months. The data will be deleted after the storage period expires.
You can also prevent the collection of data generated by the cookie about your use of the website (including your IP address) and its processing by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de
If you do not agree with the display of advertisements, you can deactivate them: https://www.google.com/settings/ads/onweb
Further information on Google's privacy policy and terms of use can be found at: https://policies.google.com/privacy
11. Social Media Services
We do not use social media services.
12. Other Online Services
On our websites, we use online services and advertising tools provided by the companies listed below, based on your consent according to Art. 6(1)(a) GDPR or within the scope of our legitimate interest in optimal marketing of our offerings according to Art. 6(1)(f) GDPR. If necessary, a data processing agreement according to Art. 28(3)(1) GDPR has been concluded with the service provider involved. The respective providers are responsible for ensuring data protection-compliant operations.
You can prevent the storage of cookies by adjusting your browser software accordingly. However, please note that in this case, not all functions of this website may be fully usable.
Google Fonts (local)
This website incorporates the fonts from "Google Fonts," provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). We have locally stored the fonts on our server, so the necessary data is also retrieved from this server. Therefore, there is no connection to Google's servers. The use of Google Fonts is based on our legitimate interest in an appealing presentation of our online offerings according to Art. 6(1)(f) GDPR.
Review tool
You have the option to submit a review about our service and the products purchased from us. After completing the transaction, you can rate it and, if necessary, provide comments. For this purpose, we collaborate with a third-party provider. This may involve the transmission of personal data such as name, email address, invoice number, and the review itself. It may also involve the disclosure of, for example, the IP address. The use of a review system serves the purpose of optimizing our service performance and gaining customer trust. To inform you about this option, you may be contacted by us or the provider, assuming your prior consent, in the interest of a reliable review during the purchase process.
The storage period is the responsibility of the respective provider.
Provider:
Geprüfter Webshop
We use the review tool provided by Tisko Consulting GmbH, Hertzstr. 15, 53881 Euskirchen, Germany.
For more information about data protection at Tisko Consulting GmbH, please visit:
https://www.gepruefter-webshop.de/datenschutz/
Quality Seal "Certified Webshop"
The "Certified Webshop" seal is integrated on our website. The seal and the services advertised with it are provided by Tisko Consulting GmbH, Hertzstr.15, 53881 Euskirchen. When accessing the seal, the web server automatically stores a so-called server log file, which contains, for example, your IP address, date and time of access, data volume transferred, and the requesting provider (access data) and documents the access. This access data is not evaluated and is automatically deleted no later than 30 days after the end of your visit to the website.
For further information on data protection by Tisko Consulting GmbH, please visit:
https://www.gepruefter-webshop.de/datenschutz/
13. Rights of the data subject
You have the right:
- according to Art. 15 GDPR, to request information about the personal data we process concerning you. In particular, you can request information about the purposes of the processing, the categories of personal data concerned, the categories of recipients to whom the data have been or will be disclosed, the envisaged storage period, the existence of the right to rectification, erasure, restriction of processing or objection, the right to lodge a complaint with a supervisory authority, the source of your data if it was not collected by us, and the existence of automated decision-making, including profiling, and meaningful information about the logic involved;
- according to Art. 16 GDPR, to request the rectification of inaccurate or completion of incomplete personal data stored by us without undue delay;
- according to Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
- according to Art. 18 GDPR, to request the restriction of the processing of your personal data if you contest the accuracy of the data, the processing is unlawful, but you oppose its erasure, and we no longer need the data, but you require it for the establishment, exercise, or defense of legal claims, or you have objected to processing pursuant to Art. 21 GDPR;
- according to Art. 20 GDPR, to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format or to transmit those data to another controller;
- according to Art. 7(3) GDPR, to withdraw your consent at any time. This withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal;
- according to Art. 77 GDPR, to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes the GDPR. You can usually contact the supervisory authority of your habitual residence, place of work, or our registered office.
14. Right of object
If your personal data are processed based on legitimate interests according to Art. 6(1)(f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, on grounds relating to your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.
If you wish to exercise your right of withdrawal or objection, an email to the email address stated in the imprint is sufficient.
15. Data Security
During your website visit, we use the widely used SSL (Secure Socket Layer) protocol in conjunction with the highest level of encryption supported by your browser. Typically, this involves 256-bit encryption. If your browser does not support 256-bit encryption, we fallback to 128-bit v3 technology. You can recognize whether an individual page of our website is transmitted securely by the closed display of the key or padlock symbol in the lower status bar of your browser.
Furthermore, we employ appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological advancements.
16. Currency and Changes to this Privacy Policy
This privacy policy is currently valid.
Due to the further development of our website and offerings, or changes in legal or regulatory requirements, it may be necessary to amend this privacy policy. The current privacy policy can be accessed and printed by you at any time on this website.