Data Protection & Privacy

SECURITY & PRIVACY

PRIVACY POLICY

1. GENERAL INFORMATION AND RESPONSIBILITIES

1.1. Objectives and Responsibilities

Thank you for your interest in our online shop. The protection of your privacy is very important to us. Below we inform you in detail about the handling of your data.

Personal data, such as your name, address or e-mail address, is always processed in accordance with the Data Protection Basic Regulation (DS-GVO) and in accordance with the country-specific data protection regulations applicable to “Klumpen Ltd”. By means of this data protection declaration, we would like to inform you about the scope and purpose of the personal data collected, used and processed by us. Provider/data protection authority responsible:

Klumpen GmbH

Elberfelder road 4

10555 Berlin

Telephone: +49 30 568373710

Email: datenschutz@klumpen.com

1.2. Legal Basis

The legal basis for data protection can be found in the European Data Protection Basic Regulation (EU-DSGVO), the Federal Data Protection Act (BDSG-new) and the Telemedia Act (TMG).

2. TECHNOLOGY

2.1. SSL/TLS Encryption

This site uses SSL or TLS encryption to ensure the security of data processing and to protect the transmission of confidential content, such as orders, login data or contact requests that you send to us as the operator. You can recognize an encrypted connection by the fact that the address line of the browser contains a “https://” instead of a “http://” and the lock symbol in your browser line indicates “https://”.

If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

2.2. Access Data

You can visit our websites without providing any personal information. Each time a website is accessed, the web server only automatically saves a so-called server log file, which contains, for example, the name of the requested file, your IP address, date and time of access, transferred data volume and the requesting provider (access data) and documents the access..

This access data is evaluated exclusively for the purpose of ensuring trouble-free operation of the site and improving our services. In accordance with Art. 6 Para. 1 S. 1 lit. EU-DSGVO, this serves to safeguard our predominantly legitimate interests in a correct presentation of our offer as part of a weighing of interests. All access data will be deleted at the latest seven days after the end of your page visit.

2.3. Third Party Hosting Services

2.3.1. WEBSITE HOSTING

The data is stored electronically on a server. This belongs to Host Europe. Host Europe is a company based in Germany. Klumpen Ltd. has entered into an order processing agreement with Host Europe to protect your data and to comply with data protection regulations. Host Europe is therefore the recipient of the data on behalf of.

2.3.2. SUPPORT SOFTWARE ZENDESK

In order to guarantee you the best possible support, we use the “Zendesk” program. Zendesk stores the data you provide on servers in the USA. This happens when you use our contact forms or when you send us an e-mail.

This software is powered by an external system from Zendesk, Inc., 989 Market Street #300, San Francisco, CA 94102, USA..

You will find alternative, direct contact options by telephone and post under the menu item Imprint.

The U.S. Department of Commerce, together with the European Commission and the Swiss government, has developed the framework agreements for the EU-US Privacy Shield and the Swiss US Privacy Shield to provide companies with a mechanism for transferring personal data from the European Union to the United States while maintaining a level of security appropriate to European data protection law.

Zendesk, Inc., 989 Market Street #300, San Francisco, CA 94102, U.S.A. has submitted certificates to the U.S. Department of Commerce for compliance with the framework of the EU-US and Swiss U.S. Privacy Shields and has been added by the U.S. Department of Commerce to its list of self-certified participants in the Privacy Shield. Zendesk’s certifications confirm that the principles of the Privacy Notice are followed for the transfer of personal data from Europe and Switzerland to the United States.

Please refer to Zendesk’s privacy policy: http://www.zendesk.com/company/privacy

3. DATA COLLECTION WHEN VISING OUR WEBSITE

If you only use our website for information purposes, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

  • Our visited website
  • Date and time at the time of access
  • Amount of data sent in bytes
  • Source/reference from which you came to the page
  • Browser used
  • Operating system used
  • IP address used (if applicable: in anonymous form)

Processing is carried out in accordance with Art. 6 Para. 1 lit. EU-DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to subsequently check the server log files if there are concrete indications of illegal use.

4. COOKIES, WEB ANALYSIS AND ADVERTISING

In order to make visiting our website attractive and to enable the use of certain functions, to display suitable products or for market research, we use so-called cookies on various pages. This serves to safeguard our predominantly legitimate interests in an optimised presentation of our offer in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO as part of a weighing of interests. Cookies are small text files that are automatically stored on your terminal device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognise your browser the next time you visit (persistent cookies). You can find the duration of the storage in the overview in the cookie settings of your web browser. You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or whether to exclude the acceptance of cookies in certain cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. These can be found for the respective browsers under the following links:

Internet Explorer™: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies

Safari™: https://support.apple.com/kb/ph21411?locale=de_DE

Chrome™: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647

Firefox™ https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Opera™ : http://help.opera.com/Windows/10.20/de/cookies.html

If cookies are not accepted, the functionality of our website may be restricted.

4.1. Use of Google (Universal) Analytics for Web Analysis

For web page analysis this website uses Google (Universal) Analytics, a web analysis service of Google LLC (www.google.de). This serves to safeguard our predominantly legitimate interests in an optimised presentation of our offer in accordance with Art. 6 Para. 1 S. 1 lit. EU-DSGVO. Google (Universal) Analytics uses methods that enable the analysis of your use of the website, such as cookies. The automatically collected information about your use of this website is generally transmitted to a Google server in the USA and stored there. By activating IP anonymisation on this website, the IP address is shortened before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. The anonymous IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. The data collected in this context will be deleted after we have stopped using Google Analytics for the intended purpose and at the end of its use.

Google LLC has its headquarters in the USA and is certified under the EU-US Privacy Shield. A current certificate can be viewed here. Due to this agreement between the USA and the European Commission, the latter has determined an appropriate level of data protection for companies certified under the Privacy Shield.

You can prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de

4.2. Google DoubleClick

In the context of Google Analytics (see above), this website also uses the so-called DoubleClick cookie, which enables your browser to be recognised when you visit other websites. This serves to protect our predominantly legitimate interests in an optimal marketing of our website in accordance with Art. 6 Para. 1 S. 1 lit. EU-DSGVO. The information automatically generated by the cookie about your visit to this website will be transmitted to and stored by Google on servers in the United States. The IP address is shortened by activating IP anonymisation on this website before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. The anonymous IP address transmitted by your browser as part of Google Analytics is not merged with other Google data.

Google will use this information to compile reports on website activity and to provide other services relating to website activity. This serves to safeguard our predominantly legitimate interests in an optimal marketing of our website within the framework of a weighing of interests. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. After purpose discontinuation and end of the use of Google DoubleClick by us, the data collected in this context will be deleted.

Google Double Click is an offer of Google LLC. (www.google.de).

Google LLC has its headquarters in the USA and is certified under the EU-US Privacy Shield. A current certificate can be viewed here. As a result of this agreement between the USA and the European Commission, the latter has established an appropriate level of data protection for companies certified under the Privacy Shield.

You can deactivate the DoubleClick cookie via this link. You can also contact the Digital Advertising Alliance to find out how to set cookies and to configure your settings. Finally, you can set your browser so that you are informed when cookies are set and can decide individually whether to accept them or not to accept them in certain cases or generally. If cookies are not accepted, the functionality of our website may be restricted.

4.3. GA Audience

Our website uses GA Audience, a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: GA Audience). GA Audience uses, among other things, cookies that are stored on your computer just like other mobile devices (e.g. smartphones, tablets, etc.) and that enable an analysis of the use of the corresponding devices. Some of the data is evaluated across all devices. Google Audience gains access to the cookies created by Google Adwords and Google Analytics. During use, data, such as in particular the IP address and activities of the user, can be transmitted to a Google Inc. server and stored there. Google Inc. may transfer this information to third parties where required to do so by law, or where such information is processed by third parties. You can prevent the collection and forwarding of personal data (in particular your IP address) and the processing of this data by deactivating the execution of Java Script in your browser or by installing a tool such as ‘NoScript’. You can also prevent Google from collecting the data generated by the Google cookie and relating to your use of the website (including your IP address) and Google from processing this data by downloading and installing the browser plug-in available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de). Further information on data protection when using GA Audience can be found under the following link: https://support.google.com/analytics/answer/2700409?hl=en&ref_topic=2611283

4.4. Google AdWords Remarketing

We use Google Adwords to advertise this website in Google search results and on third-party websites. When you visit our website, Google sets a remarketing cookie, which automatically uses a pseudonymous cookie ID and the pages you visit to enable interest-based advertising. This serves to protect our predominantly legitimate interests in an optimal marketing of our website in accordance with Art. 6 Para. 1 S. 1 lit. EU-DSGVO. The data collected in this context will be deleted after we have ceased to use Google AdWords Remarketing for the intended purpose and at the end of its use.

Further data processing will only take place if you have agreed to Google linking your web and app browser history to your Google account and using information from your Google account to personalise advertisements you see on the web. In this case, if you are logged in to Google while browsing our website, Google will use your information in conjunction with Google Analytics data to create and define cross-device remarketing audience lists. For this purpose, Google temporarily links your personal data to Google Analytics data in order to form target groups.

Google AdWords Remarketing is a service provided by Google LLC (www.google.de). The Google LLC is headquartered in the USA and is certified under the EU-US Privacy Shield. A current certificate can be viewed here. Due to this agreement between the USA and the European Commission, the latter has determined an appropriate level of data protection for companies certified under the Privacy Shield.

You can deactivate the remarketing cookie via this link. You can also contact the Digital Advertising Alliance to find out how to set cookies and to configure your settings.

4.5. Google AdWords with Conversion Tracking

We have integrated Google AdWords on this website. Google AdWords is an Internet advertising service that allows advertisers to serve ads in both Google’s search engine results and the Google advertising network. Google AdWords allows an advertiser to pre-define keywords that will be used to display an ad in Google’s search engine results only when the user uses the search engine to retrieve a keyword relevant search result. In the Google advertising network, the ads are distributed to topic-relevant Internet pages using an automatic algorithm and taking into account the previously defined keywords.

The operating company of the Google AdWords services is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of Google AdWords is to promote our website by displaying advertisements of interest on third-party websites and in the search engine results of Google and by displaying third-party advertisements on our website.

If you access our website via a Google advertisement, a so-called conversion cookie is stored on your IT system by Google. A conversion cookie loses its validity after thirty days and does not serve to identify you. If the cookie has not yet expired, the conversion cookie is used to track whether certain subpages, such as the shopping cart of an online shop system, have been accessed on our website. The conversion cookie enables both we and Google to track whether a user who came to our website via an AdWords ad generated a turnover, i.e. completed or cancelled a purchase.

The data and information collected through the use of the conversion cookie is used by Google to generate visit statistics for our website. These visit statistics are in turn used by us to determine the total number of users who were referred to us via AdWords ads, i.e. to determine the success or failure of the respective AdWords ad and to optimise our AdWords ads for the future. Neither our company nor other Google AdWords advertisers receive any information from Google that could be used to identify you.

The conversion cookie is used to store personal information, such as the Internet pages you visit. Accordingly, each time you visit our website, personal data, including the IP address of the Internet connection you use, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may disclose personal data collected through this technical process to third parties.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. Such a setting of the Internet browser used would also prevent Google from setting a conversion cookie on your IT system. In addition, a cookie already set by Google AdWords can be deleted at any time via the Internet browser or other software programs.

You also have the option of opting out of receiving interest-based advertising from Google. To do this, you must access the link https://www.google.de/settings/ads from your Internet browser and make the desired settings there.

Such evaluation is carried out in particular in accordance with Art. 6 Para. 1 lit. EU-DSGVO on the basis of our legitimate interests in the display of personalised advertising, market research and/or the design of its website to meet requirements.

Further information and the valid data protection regulations of Google can be found under https://www.google.de/intl/de/policies/privacy/.

4.6. Bing Universal Event Tracking (UET)

We use the Universal Event Tracking (UET) from Microsoft Bing Ads. This service is provided by Microsoft Corporation (“Microsoft”). This allows us to track the activities of our users when our website is accessed through a Microsoft Bing ad. If a user reaches our site through such an ad, a cookie is placed on their computer. A Bing UET tag is integrated into our website. This is a code that is used in conjunction with the cookie to store some non-personal information about your use of the site. This includes, but is not limited to, the time spent on the Website, which areas of the Website have been accessed and the type of display used to access the Website. Information about your identity is not collected. The information collected is transferred to Microsoft servers in the USA and stored there for a maximum of 180 days.

You can prevent the collection of data generated by the cookie and related to your use of the website and the processing of this data by deactivating the setting of cookies. This may limit the functionality of the website. Further information on Bing’s analysis services can be found on the Bing Ads website (https://help.bingads.microsoft.com/#apex/3/de/53056/2).

For more information about privacy at Microsoft and Bing, see the Microsoft Privacy Policy (https://privacy.microsoft.com/de-de/privacystatement).

5. PLUGINS AND OTHER SERVICES

5.1. Google Tag Manager

This website uses Google Tag Manager, a cookie-free domain that does not collect personally identifiable information.

This tool allows “website tags” (i.e. keywords embedded in HTML elements) to be implemented and managed through an interface. By using the Google Tag Manager, we can automatically track which button, link or personalized image you have actively clicked on and then record which content on our website is of particular interest to you.

The tool also triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If you have deactivated it at the domain or cookie level, it will remain active for all tracking tags implemented with Google Tag Manager.

Google Tag Manager is used for the convenience and ease of use of our website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. EU-DSGVO.

5.2. Google WebFonts

Our website uses so-called web fonts provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA for the uniform display of fonts. When you access a page, your browser loads the web fonts you need into its browser cache to display text and fonts correctly.

To do this, the browser you are using must connect to Google’s servers. This enables Google to know that your IP address has been used to access our website. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. EU-DSGVO.

Google LLC, headquartered in the USA, is certified for the us-European data protection agreement “Privacy Shield”, which guarantees compliance with the data protection level applicable in the EU.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/

5.3. Youtube Video Plugins

On this web page contents of third offerers are merged. This content is provided by Google LLC (“Provider”).

Youtube is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

Videos from Youtube that are embedded on our site have the advanced privacy setting enabled. This means that Youtube does not collect and store information from website visitors unless they play the video. The integration of the videos serves to safeguard our predominantly legitimate interests in an optimal marketing of our offer in accordance with Art. 6 Para. 1 S. 1 lit. EU-DSGVO.

The purpose and scope of the data collection and the further processing and use of the data by the providers as well as your related rights and setting options for the protection of your privacy can be found in the data protection information from Google https://policies.google.com/privacy?hl=de.

5.4. Facebook Pixel (Custom Audience)

This website uses the “Facebook pixel” of Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA (“Facebook”). If explicit consent is given, it can be used to track the behavior of users after they have seen or clicked on a Facebook ad. This process is used to evaluate the effectiveness of Facebook advertisements for statistical and market research purposes and may help optimize future advertising efforts. The data collected is anonymous to us, so it does not allow us to identify users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Usage Guidelines (https://www.facebook.com/about/privacy/). You may enable Facebook and its affiliates to serve advertisements on and off Facebook. A cookie may also be stored on your computer for these purposes. These processing operations will only take place if you have given your express consent in accordance with Art. 6 Para. 1 lit. a DS-GVO. Consent to the use of the Facebook pixel may only be given by users who are older than 13 years of age. If you are younger, please ask your legal guardian for permission. Facebook Inc. based in the USA is certified for the us-European data protection agreement “Privacy Shield”, which guarantees compliance with the data protection level applicable in the EU. In order to deactivate the use of cookies on your IT system, you can set your Internet browser so that cookies can no longer be stored on your IT system in the future or cookies that have already been stored are deleted. However, switching off all cookies may result in some functions on our Internet pages no longer being able to be executed. You can also deactivate the use of cookies by third-party providers such as Facebook on the following website of the Digital Advertising Alliance: https://www.aboutads.info/choices/.

5.5. GoogleMaps

We use “Google Maps” from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”, for directions to the location. Google is certified according to the “EU-US Privacy Shield” and thus guarantees compliance with EU data protection regulations when processing data in the USA. https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

When calling up the “Google Maps” component, Google sets cookies in order to process user settings and data when displaying the page and the associated functions on which the “Google Maps” component is integrated. It cannot be ruled out that external Google servers in the USA will be used.

The legal basis for the use of this component is Art. 6 para. 1 lit. EU-DSGVO. We have a legitimate interest in optimising the functionality of the website. The connection enables Google to identify the website from which an enquiry is sent and the IP address to which the journey display is transmitted.

If you do not agree with this processing, it is possible to prevent the installation of cookies by setting your browser accordingly. More information on this can be found above under “Cookies”.

The use of “Google Maps” and the information obtained via “Google Maps” is governed by the Google Terms of Use and the additional Terms and Conditions for Google Maps. Google offers further information, in particular on the possibilities of preventing the use of data, under the following links:

https://policies.google.com/privacy

https://adssettings.google.com/authenticated.

6. SOCIAL NETWORK AND EXTERNAL LINKS

In addition to this website, we also maintain presences in various social media, which you can reach via the corresponding buttons on our website. If you visit such a presence, personal data may be transmitted to the provider of the social network. It is possible that in addition to the storage of the data you have specifically entered in this social medium, further information may also be processed by the provider of the social network.

In addition, the provider of the social network may process the most important data of the computer system from which you visit it – for example, your IP address, the processor type and browser version used, including plug-ins.

If you are logged in with your personal user account of the respective network while visiting such a website, this network can assign the visit to this account.

The purpose and scope of the data collection by the respective medium and the further processing of your data there as well as your rights in this regard can be found in the respective provisions of the respective responsible party, e.g. below:

Facebook: https://de-de.facebook.com/about/privacy/; Opt-out option: https:www.facebook.com/settings?tab=ads

Twitter: https://twitter.com/de/privacy

Instagram: https://help.instagram.com/155833707900388

Google: https://policies.google.com/privacy?hl=de

The use of statistical tools of the respective media (e.g. Facebook Insights) serves to safeguard our predominantly legitimate interests in an optimal marketing of our products within the scope of a weighing of interests pursuant to Art. 6 para. 1 sentence 1 lit. EU-DSGVO.

Data processing on Facebook is based on an agreement between jointly responsible persons pursuant to Art. 26 DSGVO, which you can view here: https://www.facebook.com/legal/terms/page_controller_addendum

We would also like to point out that our website contains further links to external third-party websites, whereby we have no influence on the processing of the data on these external websites.

7. CONTACT POSSIBILITIES AND YOUR RIGHTS

As a data subject, you have the following rights:

  • According to Art. 15 DSGVO, you have the right to request information about your personal data processed by us to the extent specified therein;
  • According to Art. 16 DSGVO, you have the right to immediately request the correction of incorrect or incomplete personal data stored by us;
  • According to Art. 17 DSGVO, you have the right to demand the deletion of your personal data stored by us, unless further processing is prohibited.
    • on the exercise of freedom of expression and information;
    • to fulfill a legal obligation;
    • for reasons of public interest, or
    • is necessary for the assertion, exercise or defence of legal claims;
  • According to Art. 18 DSGVO, you have the right to demand the restriction of the processing of your personal data, as well as
    • the correctness of the data is denied by you;
    • the processing is unlawful, but you refuse to delete it;
    • we no longer need the data, but you need it to assert, exercise or defend legal claims, or
    • you have lodged an objection against the processing under Article 21 DSGVO;
  • According to Art. 20 DSGVO, you have the right to receive the personal data you have provided to us in a structured, common and machine-readable format or to request transmission to another responsible party;
  • According to Art. 77 DSGVO, you have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or of our registered office for this purpose.

8. Duration of storage of personal data

The duration of the storage of personal data is determined by the respective legal retention period (e.g. commercial and tax retention periods). After this period has expired, the corresponding data is routinely deleted if it is no longer required for contract fulfillment or contract initiation and/or if we no longer have a justified interest in further storage.

RIGHT TO OBJECT

IF WE PROCESS YOUR PERSONAL DATA AS PART OF A WEIGHING OF INTERESTS ON THE BASIS OF OUR PREDOMINANTLY LEGITIMATE INTEREST, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO SUCH PROCESSING WITH EFFECT FOR THE FUTURE FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION.

IF YOU MAKE USE OF YOUR RIGHT OF OBJECTION, WE WILL TERMINATE THE PROCESSING OF THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO FURTHER PROCESSING IF WE CAN PROVE COMPELLING GROUNDS FOR PROCESSING WORTHY OF PROTECTION WHICH OUTWEIGH YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED BY US FOR THE PURPOSE OF DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING. YOU MAY OBJECT AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT OF OBJECTION, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT ADVERTISING PURPOSES.

Status: 27.09.2018