Data Protection Statement
3.1. Accessing Our Website
3.2. Conclusion, Execution or Termination of a Contract
3.3. Data Processing for Advertising Purposes
3.4. Online Presence and Website Optimisation
3.5. Customer Account
3.6. Social Login via Facebook, Twitter or Google
3.8. Premium Club
3.9. Customer Service via Live Chat
3.10. Contact per Email
3.12. Application / Application Process
3.13. Address completion via Google Places API
5. Your Rights
The data processing done by skatedeluxe GmbH can essentially be divided into two categories:
- For the purpose of contract execution, all data necessary for the execution of a contract with skatedeluxe GmbH is processed. Should external service providers be involved in the execution of the contract, e.g. Logistics companies or payment service providers, your data will be passed on to the extent required.
- By visiting the skatedeluxe GmbH website, various information is exchanged between your device and our server. This can also include personal data. The information collected in this way will be used, among other things, to optimise our website or to display advertisements in the browser of your device.
According to the regulations of the GDPR, you have various rights that you can assert against us. This includes, among other things, the right to object to selected data processing; in particular, data processing for advertising purposes. You can quickly identify the option to object by the following symbol:
3. Purposes of Data Processing, Legal Bases and Legitimate Interests Pursued by skatedeluxe GmbH Or a Third Party, as well as Categories of Recipient
3.1. Accessing our Website
When you visit our website, the browser used on your device automatically sends information to the server of our website and temporarily stores it in a so-called log file. We have no influence over this. The following information is also recorded without any action on your part and is stored until automated deletion:
- the IP address of the requesting Internet-enabled device
- the date and time of access
- the website from which access initiated (HTTP referer)
- the browser you use and, if applicable, the operating system of your Internet-capable device and the name of your access provider
Article 6 (1) (f) GDPR provides the legal basis for processing the IP address. Our legitimate interest derives from the purposes of data collection listed below. At this juncture, we would like to point out that from the data collected, no direct conclusions about your identity can be made nor are they drawn by us.
The IP address of your device and the other data listed above are used by us for the following purposes:
- ensuring a smooth connection setup
- ensuring comfortable use of our website
- evaluating system security and stability
3.2. Execution, Conclusion, or Termination of a Contract
The scope of activity of skatedeluxe GmbH is the remote selling of goods and services. In this context, we process the data required for the execution, conclusion, or termination of a contract with you. Which includes:
- First Name, Last Name
- Billing and Delivery Address
- Email Address
- Billing and payment data
- Date of Birth, if applicable
- Telephone Number, if necessary
The legal basis for this is Article 6 (1) (b) GDPR, i.e. You provide us with the data based on the contractual relationship between us. To process your email address, we are also obligated to send an electronic order confirmation due to a requirement in the Civil Code (BGB) (see Article 6 (1) (c) GDPR). Insofar as we do not use your contact data for advertising purposes (see point 3.3.), we store the data collected for the execution of the contract until the expiration of the statutory or, if applicable, contractual warranty and guarantee rights. After the expiration of this period, we retain information of our contractual relationship as required by commercial and tax law for the statutory periods. For this period (usually ten years from the conclusion of the contract), the data will be reprocessed in the event of a review by the tax authorities.
In order to process the purchase agreement, the following data processing is necessary:
If you have selected a payment method other than Pay-In-Advance or Cash on Delivery, we pass on the required payment data to a payment service provider whom we commission. We will forward details of your delivery address to a logistics company commissioned by us for the purpose of completing the purchase agreement.
3.3. Data Processing for Advertising Purposes
The following statements pertain to the processing of personal data for advertising purposes. The GDPR declares such data processing on the basis of Article 6 (1) (f) as fundamentally conceivable and as a legitimate interest. The duration of data storage for advertising purposes is not subject to any rigid principles and is based on the question of whether the storage is required for the promotional approach. In 3.3.4., you can read about the procedure in the case of your opposition.
3.3.1. Advertising Purposes of skatedeluxe GmbH
To the extent that you have consummated a contract with us, we will treat you as an established customer. In this case, we will process your postal contact details without explicit consent in order to provide you with information about new products and services. We process your email address in order to provide you with information about particular similar products, without explicit consent.
3.3.2. Personalised Ads
In order for you to only receive promotional information that is of perceived interest to you, we categorise and supplement your customer profile with additional information. This requires the use of both statistical information and information about you (e.g., basic customer profile data). The goal is to provide you with advertisements solely oriented to your actual or perceived needs and not to bother you with useless advertising.
On our website, we offer you the opportunity to register for our newsletter.
Your e-mail address is sufficient for registration.
To avoid improper use of your e-mail address we use a double opt-in process for registration. After registration, you will receive an e-mail with a confirmation link. Once you click on the link you will be added to the newsletter mailing list and you will receive another confirmation e-mail with your personal voucher.
Newsletter registration is documented in order to prove that the registration process was completed in accordance with legal requirements. This includes saving the date of registration and confirmation as well as the IP address. In addition, changes to your data which are saved at our email marketing provider (see below) will be documented as well. Documenting the registration process is based on our legitimate interests as per article 6 (1) f GDPR. Our interest is to establish a user-friendly and secure newsletter system which serves our business interests as well as meets your expectations and allows us to prove your consent.
Our newsletter is sent out at irregular intervals approximately twice per week. You can expect the following content:
- Information on brand new products
- Sale deals
- Discount vouchers
- Rating our shop (after-sale mail)
Under "My Account - Notification settings" you can set and change your personal preferences regarding newsletter topics and account notifications.
A data processing agreement was concluded with an email marketing provider as per article 28 (3) sentence 1 GDPR.
The following information will be submitted to the email marketing provider:
Master Data (if these exist)
- E-mail address
- First name
- Language (shop settings with newsletter registration)
- Date of birth
Information on the last order (if available)
- Shipping country
- Shipping status
If a member of the skatedeluxe Premium Club
- Premium Club e-mail notifications activated (yes/no)
- Premium Club points
- Date of last points update
- Date of Premium Club registration
Our newsletter contains a tracking pixel file (“web-beacon”) which is triggered when the newsletter is opened from the server of our email marketing provider. With this pixel, information is collected such as an IP address, the browser used and the time the newsletter was opened.
The previously mentioned collected and transferred data are only used to improve our newsletter offer.
Dispatch of the newsletter and the associated performance measurement are based on your agreement per article 6 (1) a GDPR in conjunction with § 7 (2) Nr. 3 UWG. If you previously purchased something from our site you are listed as an existing customer. In this case, the newsletter is sent out based on our legitimate interests in direct marketing as per article 6 (1) f GDPR in conjunction with § 7 (3) UWG.
You can unsubscribe from the newsletter at any time and object to the use of your e-mail address. You can either unsubscribe via the link at the bottom of every newsletter or directly in “My Account” under the menu item “Newsletter”. The data processed as a result of the newsletter mailout is not subject to any automatic deletion period but will be deleted only after unsubscribing to the newsletter. Even after revocation of your consent, we store the consent data for another 6 months on the basis of Art. 6 (1) (f) GDPR. In cases of doubt, being able to prove that consent was given at some point in the past is to be classified as a legitimate interest within the meaning of this regulation.
If you have any questions please contact our customer service at any time.
3.3.4. Right to Object
You can lodge an objection against future data processing for the aforementioned purposes at any time, free of charge, for any model of communication to which you object. Just send an email to firstname.lastname@example.org or send a letter to the address mentioned under Section 2 above.
If you file an objection, the affected contact address will be disabled from further advertisement processing. We would like to point out that in exceptional cases, even after receipt of your objection, it is possible that advertising material may continue to be delivered for a temporary period. This is due to the necessary lead time of advertisements and does not mean that we have not implemented your objection. Thank you very much for understanding!
3.4. Online Presence and Website Optimisation
3.4.1. Cookies – General Information
To analyse the visitor traffic on our website we use the open-source tool Matomo. With the help of a cookie stored on your device information about usage of our website will be transferred to our server and stored there. Thus there is no data transfer to third parties or third countries. Your IP address is anonymized immediately so that no conclusions about you as a user are possible at all. The data collected about you will be used to analyze and improve our website.
3.4.3. Google Analytics / Universal Analytics
In order to design our pages to meet needs-based requirements and to optimize them on an ongoing basis, we use Google Analytics (Google Analytics 4 & Universal Analytics). This is a web analytics service provided by Google Ireland Limited ("Google"), a company incorporated and operated under the laws of Ireland (registration number: 368047) with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland.
Scope of processing
We use Google Analytics in different ways depending on your consent to the use of statistics cookies.
If you do not consent to the use of statistics cookies, we use Google Analytics without cookies on the basis of Article 6(1)(f) GDPR.
This integration records your visit behavior via an anonymous and non-resolvable ID ("ClientId") without any personal data and transmits it to Google. Google Analytics cannot merge statistical data from our website with data from other websites, create user profiles or recognize you across different sessions and devices ("cross-device tracking").
You still have the option to object to this by setting the switch to "ACTIVE":
If you consent to the use of statistics cookies, anonymous use profiles will be created and cookies will be used. The legal basis for this is Section 25 (1) TTDSG and for data processing Article 6 (1) (a) GDPR.
In Google Analytics 4, the anonymization of IP addresses is activated by default. Due to IP anonymization, your IP address will be truncated by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. The full IP address will only be transferred to a Google server in the USA and shortened there in exceptional cases. According to Google, the IP address transmitted by your browser within the scope of Google Analytics will not be merged with other Google data.
When you visit the website, your user behavior is recorded in the form of "events". Events can be:
- page views
- first visit to the website
- start of session
- your "click path", interaction with the website
- scrolls (whenever a user scrolls to the end of the page (90%))
- clicks on external links
- internal search queries
- interaction with videos
- file downloads
- seen / clicked ads
It will also record:
- your approximate location (region)
- your IP address (in shortened form)
- technical information about your browser and the devices you use (e.g. language settings, screen resolution)
- your internet service provider
- the referrer URL (via which website/advertising material you came to this website)
The operator of this website has commissioned Google to use this information to evaluate your anonymous use of the website and to compile reports on website activities. The reports provided by Google Analytics are used to analyze the performance of our website and the success of our marketing campaigns.
The recipients of the data are/could be
- Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor according to Art. 28 GDPR)
- Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
- Alphabet Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
The possibility that U.S. authorities will access the data stored by Google cannot be ruled out.
Where data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have agreed to EU standard contractual clauses with the service provider in order to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. A data transfer to the USA and access to Google's stored data by US authorities cannot be ruled out. The USA is currently considered an unsafe third country in terms of data protection law. You do not have the same rights there as within the EU/EEA. You may not have any legal remedies against access by authorities.
The information we send and that is linked to cookies is automatically deleted after 14 months. Removal of data whose retention period has been reached takes place automatically once a month
The legality of any processing carried out on the basis of your consent up to the point of revocation remains unaffected by this.
You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to refuse all cookies, this may restrict the functionality of this and other websites. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by
- a. not giving your consent to the setting of the cookie or
- b. downloading and installing the browser add-on to disable Google Analytics.
The targeting measures we employ listed below are implemented pursuant to Article 6 (1) (f) GDPR. By employing these targeting measures, we strive to make sure that only advertising oriented to your actual or perceived interests is displayed on your devices because we do not want to bother you with uninteresting ads.
On our website, cookies are used to collect and evaluate the information for ad optimisation. This data may contain, for example, information about which of our products you are interested in. The collection and evaluation are done exclusively pseudonymously and does not allow us to identify you. More particularly, the information is not merged with personal information. Using information about your past user behaviour, we can show you offers on our site that are specifically geared towards your interests. The Onsite Targeting Cookies are automatically deleted after 30 days.
We also use re-targeting technologies from Criteo GmbH and Google LLC. (Google AdSense). This allows us to make our online products and services more interesting for you. To that end, a Cookie is set, with which data about your interests is collected using pseudonyms. Based on this information, you will be shown advertisements of our offers on the websites of our partners, specifically based on your interests. No sensitive personal information will be stored, and no user profiles will be merged with personally identifiable information about you. The re-targeting cookies are stored for a period of 30 days and then automatically deleted.
188.8.131.52. Facebook Pixel
The pixel acts as a so-called pseudonym, which means the use of a pixel does not result in any direct association with your person. You have the opportunity to object to this by setting the switch to "ACTIVE".
An Opt-Out-Cookie is set to ensure that no Facebook pixel is set when this website is accessed. If you use multiple browsers, you’ll have to install an Opt-Out-Cookie for each browser individually.
184.108.40.206. Objection / Opt-Out Opportunity
As permitted by Article 6 (1) (f) GDPR, we use social media plug-ins on our website from the social networks Facebook and Twitter to raise brand awareness. This underlying commercial purpose is regarded as a legitimate interest in accordance with the GDPR. Our compliance with data protection guidelines ensures liability by their respective providers. We integrate these plug-ins by means of the so-called two-click method to best protect visitors of our website.
Our website uses plug-ins from the social network Facebook, which is provided by Facebook Inc. The Facebook plug-ins are denoted by the Facebook logo with the addition of "like" or "share".
If you activate such a plug-in (first click), your browser establishes a direct connection to the Facebook servers. The content of the plug-in is transmitted by Facebook directly to your browser and is integrated into the page. Through this integration, Facebook receives the information that your browser has accessed that corresponding page of our website, even if you do not have a Facebook profile or are currently not logged in to Facebook.
This information (including your IP address) will be sent from your browser directly to a Facebook server in the U.S. and stored there. If you are logged into Facebook, Facebook can immediately assign your visit to our website to your Facebook profile.
If you interact with the plug-ins, for example by clicking the "Like" button (second click), this information will also be sent directly to a Facebook server and stored there. The information will also be posted on your Facebook profile and displayed to your Facebook friends.
If you do not want Facebook to directly associate the information gathered from your visit to our website with your Facebook profile, you must log out of Facebook before visiting our website.
Our website also includes the plug-in for the short message network Twitter Inc. The Twitter plug-in ("Tweet" button) is denoted by the Twitter logo (a white bird on a blue background) and the word "tweet". When you visit a page on our website that contains such a plug-in, a direct connection is established between your browser and the Twitter server. Twitter receives the information that you, with your IP Address, have visited our site. If you click the Twitter button while logged in to your Twitter account, you can link the contents of our pages to your Twitter profile. This allows Twitter to associate your visit to our pages with your account. We would like to point out that we, as the provider of the website pages, are not aware of the content of the transmitted data and their use by Twitter. More information can be found here. If you do not want Twitter to associate your visit to our pages, please log out of your Twitter account.
3.5. Customer Account
In order to provide you with the greatest possible ease while shopping, we offer you the option to permanently store your personal data in a password-protected customer account. The creation of a customer account is voluntary and is contingent on your consent in accordance with Article 6 (1) (a) GDPR. After setting up a customer account, no repeated data entry is necessary. You can also view and change the data stored in your customer account at any time.
In addition to the data requested from you while placing an order, you must provide a self-chosen password in order to set up a customer account. This, together with your email address, will be used to access your customer account. Please treat your personal access data confidentially and, in particular, do not make it accessible to unauthorized third parties. We cannot accept liability for misused passwords provided we are not responsible for the misuse. Please note that after leaving our website, you will remain logged in unless you actively log out.
The data transmission is based on our legitimate interests pursuant to Art. 6 (1) f GDPR in conjunction with § 7 (3) UWG.
An order processing agreement pursuant to Art. 28 (3) sentence 1 GDPR has been concluded with the delivery service provider.
The following data, if available, will be transmitted to the delivery service provider:
- Email address
- First name
- Language (shop-setting at login or self-configured language option)
- Date of birth
- Information on your orders (e.g. order date and delivery status)
- Information on your Premium Club membership (z.B. PPremium Club Status level and Point scores)
Our emails may contain a tracking pixel file ("web beacon"), which is retrieved from the server of the dispatch service provider when the e-mail is opened. This pixel retrieves information such as the IP address, the browser used and the time the email is opened. The aforementioned collected and transmitted data is used exclusively to improve our notification service.
Under "My Account - Notification settings" you can set and edit your personal preferences for email notifications of your account at any time.
You have the option to delete your customer account at any time. To do so, please log in to your account and visit the "My Account" overview page. Then click "Personal Data" and "Deactivate customer account". Alternatively, you can send us an email at email@example.com.
Please note, however, that this does not mean that all personal data will be deleted at the same time, as we are bound by statutory retention periods. For further information, please contact firstname.lastname@example.org.
3.6. Social Login via Facebook, Twitter or Google
In case you are registered at Facebook, Google or Twitter, you can log in at skatedeluxe with your login data. This simplifies the registration process and you don’t have to remember any additional login data. Processing takes place in accordance with Article 6 (1) (f) GDPR.
After pressing the appropriate button you will be forwarded to Facebook, Google or Twitter. If you are not logged in, please log in and confirm, that skatedeluxe is allowed to get access to your personal data.
Which of my personal data will be stored?
The following personal data will be transmitted to us, which we use for registration purposes:
- Facebook: surname, forename, e-mail-address, gender, date of birth, Facebook ID
- Google: surname, forename, e-mail-address, Google-ID
- Twitter: e-mail-address, Twitter ID
What happens after my account was connected?
If you already have a skatedeluxe account with the same e-mail address as on Facebook, Google or Twitter, you are now logged in and you can shop online.
If you don’t have an account with the e-mail address that is registered on Facebook, Google or Twitter you will be forwarded to our registration page. The received data are already filled into the registration form. After the completion of the data, which are necessary to register and by clicking “continue” your account will be created and you can start shopping on skatedeluxe.
How can I delete the connection?
If you want to disconnect your skatedeluxe account, please visit Facebook, Google or Twitter and configure it under “settings – apps”.
After deleting the connection you can log in with your former password unless you have already had an account. Alternatively, you can request a new password by using our “Son of a bee sting. I forgot my password” function.
On our website, we embed videos from the video platform YouTube. The videos are embedded in the extended data protection mode. YouTube sets cookies on your device to collect information about you as a visitor. This information is used by YouTube to capture, among other things, video statistics, to prevent fraud, and to improve usability. It will also connect to the Google DoubleClick network. When you start a video on our site, there is a chance that other data processing operations will be triggered that we have no control over. Processing takes place in accordance with Article 6 (1) (f) GDPR. For more information on privacy on YouTube, please see: YouTube and Privacy
3.8. Premium Club - Customer Rewards Program
On our website, we offer a customer rewards program: the skatedeluxe "Premium Club". Participation is voluntary. After signing up for our rewards program, you will receive points for each purchase that you can exchange for premiums (such as coupons or items).
The data collected and stored pertaining to your participation in our customer rewards program will be used solely for the purpose of carrying out this program and shall not be disclosed with third parties. Article 6 (1) (a) GDPR provides the legal grounds for processing your data. Further information about the Premium Club can be found in the terms and conditions.
You can cancel your membership anytime directly on the Premium Club page under "Account Information" "Disable Account" after logging in. You can also send us an email to email@example.com or use the contact details provided under Section 2.
3.9. Customer Service via Live Chat
On our website, we provide a Live Chat widget to enable our customer service team to quickly answer questions. It will be displayed at the lower right edge of the screen, and you can recognise it by the skatedeluxe logo and white font on a red background.
In order to offer you this service and help you in the best possible way, the following data are collected and processed:
- the name you provided,
- your email address (given you are logged in or if you’ve provided it),
- your chat message,
- the time of your chat,
- browser, operating system, and screen resolution,
- your IP-Address, and
- the link of the webpage from which you started the chat.
In order to improve our quality of service and to better understand request flows using previous chats, the chat histories are stored for a period of 30 days and then deleted in their entirety.
Cookies are used to operate the chat function (see 3.4.1.). The processing of the aforementioned personal data is carried out in accordance with section 25 (2) sentence 2 TTDSG.
3.10. Contact per Email
Due to legal regulations, our website contains information that allows you to quickly contact our company and to communicate with us directly. If you contact us by email, via our contact form or by using the feedback button integrated on our site, the personal data you provide will be automatically saved. These include:
- your name,
- your email address,
- your IP-Address, and
- your message.
Such personal data transmitted by you to us on a voluntary basis will be stored for the purpose of contacting you or processing. No disclosure of this personal data to third parties shall take place. The processing of your personal data is carried out in accordance with Art. 6 (1) (b) GDPR.
In our blog, we offer you the opportunity to leave comments on individual blog posts. A blog is a web-based, usually publicly-accessible portal in which one or more people, called bloggers or web bloggers, can post articles or record their thoughts in so-called blog posts.
If you comment on a post in our blog, your comments, as well as the time of your comment and the username (pseudonym) you’ve chosen, will be saved and published. Your IP address will also be saved. The storage of your IP address is done for security reasons and in the event that you violate the rights of third parties or post illegal content. The use of your email address is intended, in the case of a Sweepstakes or Giveaway, to inform that you’ve won, and also to protect us against automated spam comments.
Your personal data shall not be disclosed to third parties unless such a disclosure is required by law or for our legal defence. Processing takes place in accordance with Article 6 (1) (c) and (f) GDPR.
3.12. Application / Application Procedure
skatedeluxe collects and processes the personal data of applicants for the purpose of carrying out the application process. Processing takes place in accordance with Article 6 (1) (b) GDPR. The process can also be performed electronically. This applies, in particular, if an applicant submits the corresponding application documents to us via email or cloud link. Should skatedeluxe enter into a contract of employment with an applicant, the transmitted data will be stored for the purpose of implementing the employment relationship in compliance with legal requirements. If we do not enter into a contract of employment with the applicant, the application documents will be automatically deleted two months after the notification of declination, provided that deletion does not conflict with any other legitimate interests of the person responsible for the processing. In that sense, an example of legitimate interest would be to meet the burden of proof in proceedings pursuant to the General Act on Equal Treatment (Allgemeinen Gleichbehandlungsgesetz (AGG)).
Should we foresee the possibility to hire an applicant at a later date, we will ask for the applicant’s permission to save the application documents for future contact, beyond the aforementioned retention period. Of course, the applicant can revoke consent to our retaining of the application documents at any time by sending an email to firstname.lastname@example.org or using the contact details under Section 2.
3.13. Address completion via Google Places API
To simplify entering your order's address and avoid errors, we use Google Places API for address completion. This service is provided by Google Cloud EMEA Limited, 70 Sir John Rogerson's Quay, Dublin 2, Ireland.
Google Cloud EMEA Limited is the data exporter and controller.
The address suggestion based on your input is the response to an http request to Google. Google logs the following data for this purpose:
- your IP address
- date and time of your request
- the URL of the request
- information about your web browser and operating system
The processing of your data in connection using the Google Places API for address completion is based on Article 6(1)(f) GDPR. Our legitimate interest is to provide you with a user-friendly shopping experience and to improve the quality of address information in order to avoid problems with the delivery of your package.
With the exception of points 3.4.5., 3.6. and 3.7., we do not disclose your data to recipients based outside the European Union or the European Economic Area. The processes mentioned under points 3.4.5., 3.6. and 3.7. trigger a transfer of data to be made to the servers of contractors appointed or used by us. These servers are located in the USA. The data transfer takes place on the basis of so-called Standard Contractual Clauses of the EU Commission (SCCs). In these standard contractual clauses, the recipient assures to adequately protect the data and thus to ensure a level of protection comparable to the GDPR.
In addition to the right to revoke the consent you granted to us, you are entitled to the following additional rights, subject to applicable law:
- You have the right to information about your personal data stored by us in accordance with Art. 15 GDPR. In particular, you are entitled to information about processing purposes, the category of personal information, the categories of recipients to whom your information has been disclosed, the projected retention period of your data, and the source of your data, if not collected directly from you.
- You have the right to rectification, i.e. the right to correct inaccurate data or to complete correct, yet incomplete, data in accordance with Art. 16 GDPR.
- You have the right to erase your personal data stored by us in accordance with. Art. 17 GDPR, except insofar as required by statutory and/or contractual retention periods. Other statutory obligations and/or rights for further storage are also to be observed.
- You have the right to restrict the processing of your data in accordance with Art. 18 GDPR, provided that (1) the processing is unlawful and you oppose the erasure of the personal data, and instead request the restriction of their use, (2) the person responsible for the data no longer needs it, but you need it for the establishment, exercise or defence of legal claims, or (3) you have objected to processing in accordance with Art. 21 GDPR.
- You have the right to data portability in accordance with Art. 20 GDPR, i.e. You have the right to receive selected data concerning yourself, which you have provided to us, in a commonly used, machine-readable format or to request to have the personal data transmitted directly from one controller to another.
- You have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your place of residence or work, or of our company headquarters.
5.2. Right to Object
Under the conditions of Article 21 (1) GDPR, data processing can be objected to for reasons related to the concerned person’s particular situation.
All of the personal data that you share with us, including your payment details, is transmitted via the general, commonly used and secure standard SSL (Secure Socket Layer). SSL is a secure and proven standard, which is also used in online banking, for example. You can recognise a secure SSL connection by, among other things, the added “s” on the http (i.e. “https“) in the address bar of your browser and a padlock icon, which, depending on the browser, used is also typically located near the address bar.
Of course, we take the appropriate technical and organisational security measures to protect your personal data against manipulation, partial or complete loss, and against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
Last Updated: 29.09.2023