Privacy Policy
Data protection
Unless otherwise stated below, the provision of your personal data is neither required by law nor contractually, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide it has no consequences. This only applies if no other information is provided during subsequent processing operations.
“Personal data” means any information relating to an identified or identifiable natural person.
Server log files
You can visit our websites without providing any personal information.
Every time you access our website, usage data is transmitted to us or our web host/IT service provider through your Internet browser and stored in log data (so-called server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred and the requesting provider.
The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR out of our overriding legitimate interest in ensuring trouble-free operation of our website and in improving our offering.
Your data will be transmitted to Canada, among other places. There is an adequacy decision from the EU Commission for data transfers to Canada.
Contact
Responsible person
Contact us if you wish. The person responsible for data processing is: Michael Pasti, Reisachstraße 4, 70771 Leinfelden-Echterdingen Germany, +491737027510, michael.pasti@nastila.de
Initiative contact from the customer via email
If you initiate business contact with us via email, we will only collect your personal data (name, email address, message text) to the extent provided by you. The data processing serves to process and answer your contact request.
If the contact is used to carry out pre-contractual measures (e.g. advice if you are interested in buying, preparing an offer) or concerns a contract that has already been concluded between you and us, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter f of the GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the contact form
When you use the contact form, we only collect your personal data (name, email address, message text) to the extent provided by you. The data processing serves the purpose of establishing contact.
If the contact is used to carry out pre-contractual measures (e.g. advice if you are interested in buying, preparing an offer) or concerns a contract that has already been concluded between you and us, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR. If contact is made for other reasons, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR. We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when sending images via upload
We provide an upload function for image files on our website. This makes it possible to send images to us using encrypted data transmission. When you submit your images, we may only collect your personal data (image of an identifiable person) to the extent provided by you. The data processing serves the purpose of creating personalized products. The image sent serves as a template for the product and is used for this purpose (e.g. T-shirt printing). The processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR and is necessary for the fulfillment of a contract with you.
Your data may be passed on to service providers that we use for order processing. It will not be passed on to other third parties.
We will only use the image you send as part of the provision of the service. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when sending images by email
You have the option of sending us images by email in connection with ordering a personalized product.
When you submit your images, we may only collect your personal data (image of an identifiable person) to the extent provided by you. The data processing serves the purpose of creating personalized products. The image sent serves as a template for the product and is used for this purpose (e.g. T-shirt printing). The processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR and is necessary for the fulfillment of a contract with you.
Your data will not be passed on.
We will only use the image you send as part of the provision of the service. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
WhatsApp Business
If you contact us via WhatsApp, we use the WhatsApp Business version of WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "WhatsApp"). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and answer your contact request. For this purpose, we collect and process your mobile phone number stored on WhatsApp, your name if provided, and other data to the extent provided by you. For the service, we use a mobile device whose address book only stores data from users who have contacted us via WhatsApp. Personal data will not be passed on to WhatsApp without you having already given your consent to WhatsApp.
Your data will be transmitted by WhatsApp to Meta Platforms Inc. servers in the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. is not certified under the TADPF. The data transfer takes place, among other things, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard -contractual-clauses-scc_de (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de).
If the contact is used to carry out pre-contractual measures (e.g. advice if you are interested in buying, preparing an offer) or concerns a contract that has already been concluded between you and us, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR for our overriding legitimate interest in providing quick and easy contact and in answering your request. In this case, you have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR.
We only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found at https://www.whatsapp.com/legal/#terms-of-service (https://www.whatsapp.com/legal/#terms-of-service ) and https://www.whatsapp.com/legal/#privacy-policy (https://www.whatsapp.com/legal/#privacy-policy).
Customer account orders
Customer account
When you open a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time by notifying us, without this affecting the lawfulness of the processing carried out based on your consent before its revocation. Your customer account will then be deleted.
Collection, processing and transfer of personal data when placing orders
When you place an order, we only collect and process your personal data to the extent that this is necessary to fulfill and process your order and to process your inquiries. The provision of the data is necessary for the conclusion of the contract. Failure to provide it will result in no contract being concluded. The processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR and is necessary for the fulfillment of a contract with you.
Your data will be passed on, for example, to the shipping companies and dropshipping providers you have chosen, payment service providers, service providers for order processing and IT service providers. In all cases we strictly observe the legal requirements. The amount of data transmission is limited to a minimum.
Your data will be transmitted to Canada, among other places. There is an adequacy decision from the EU Commission for data transfers to Canada.
Reviews advertising
Data collection when writing a comment or rating
When commenting/rating an article or post, we only collect your personal data (name, email address, comment text) to the extent you provide it. The processing serves the purpose of enabling comments/ratings and displaying comments/ratings.
By submitting the comment/review, you consent to the processing of the transmitted data. Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of the processing carried out based on your consent before its revocation. Your personal data will then be deleted.
When your comment is published, the name and email address you provided will be published.
Use of your personal data to send you postal advertising
We use your personal data (name, address), which we received in the context of selling a good or service, to send you postal advertising, unless you have objected to this use. The provision of this data is necessary for the conclusion of the contract. Failure to provide it will result in no contract being concluded.
The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in direct advertising. You can object to this use of your address data at any time by notifying us. The contact details for exercising your objection can be found in the legal notice.
Use of the email address to send newsletters
Regardless of the contract processing, we use your email address exclusively for our own advertising purposes to send newsletters, provided you have expressly agreed to this. Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent before its revocation. You can unsubscribe from the newsletter at any time using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the distribution list.
Using Klaviyo
We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; "Klaviyo") to send the newsletter as part of order processing.
We pass on the information you provided when registering for the newsletter (email address, first and last name if applicable) to Klaviyo. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any integrated links. In this context, we collect your personal data such as IP address, browser type and device as well as the time. Usage profiles can be created from this data under a pseudonym. The data collected will not be used to identify you personally. The data collected is only used for statistical evaluation to improve newsletter campaigns.
Your data is usually transmitted to Klaviyo servers in the USA and stored there. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo is not certified according to the TADPF. The data transfer takes place, among other things, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard -contractual-clauses-scc_de (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de).
Your personal data is processed on the basis of Article 6 Paragraph 1 Letter f of the GDPR due to our overriding legitimate interest in a targeted, advertising-effective and user-friendly newsletter system. You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation.
Further information on data protection at Klaviyo can be found at https://www.klaviyo.com/legal/privacy-notice (https://www.klaviyo.com/legal/privacy-notice) and at https://www.klaviyo .com/legal/data-processing-agreement (https://www.klaviyo.com/legal/data-processing-agreement).
Use of the mobile phone number to send SMS advertising
Regardless of the contract processing, we use your mobile phone number exclusively for our own advertising purposes to send SMS advertising, provided you have expressly agreed to this.
Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of the processing carried out based on your consent before its revocation. Your mobile phone number will then be removed from the distribution list.
Your mobile phone number will be passed on to a service provider for sending SMS messages as part of order processing.
Shipping service provider merchandise management
Passing on the email address to shipping companies for information about shipping status
We pass on your email address to the transport company as part of the contract processing, provided you have expressly agreed to this in the ordering process. The purpose of the transfer is to inform you by email about the shipping status. Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time by notifying us or the transport company, without affecting the lawfulness of the processing carried out based on your consent before its revocation.
Use of an external merchandise management system
We use an inventory management system to process the contract as part of order processing. For this purpose, your personal data collected as part of the order will be sent to
Billbee GmbH, Arolser Str. 10, 34477 Twistetal easybill GmbH, Düsselstr. 21, 41654 Kaarst
transmitted.
Payment service provider
Using PayPal Express
We use the PayPal Express payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the PayPal Express payment service. In order to integrate this payment service, it is necessary for PayPal to collect, store and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when you access the website. Cookies can also be used for this purpose. The cookies enable your browser to be recognized.
Your personal data is processed on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation.
By selecting and using PayPal Express, the data required for payment processing will be transmitted to PayPal in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR. Further information on data processing when using the PayPal Express payment service can be found in the associated data protection declaration at www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS (http://www.paypal .com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS).
Using PayPal Check-Out
We use the PayPal Check-Out payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or “Pay later” via PayPal, the data required for payment processing will be transmitted to PayPal in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR.
Credit card via PayPal, direct debit via PayPal & “Pay later” via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or "Pay later" via PayPal, PayPal reserves the right to obtain credit information based on mathematical and statistical methods using credit agencies. For this purpose, PayPal sends the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of non-payment to make a balanced decision about the establishment, implementation or termination of the contractual relationship. The credit report can contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical methods and whose calculation includes, among other things, address data. Your concerns will be considered in accordance with the statutory provisions. The data processing serves the purpose of checking your creditworthiness to initiate a contract. The processing is carried out on the basis of Article 6 Paragraph 1 Letter f of the GDPR due to our overriding legitimate interest in protecting against non-payment if PayPal makes advance payments.
For reasons arising from your particular situation, you have the right to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR by notifying PayPal. The provision of the data is necessary for the conclusion of the contract with the payment method you require. Failure to provide this means that the contract cannot be concluded using the payment method you have chosen.
Third Party
If you pay using a third-party payment method, the data required to process the payment will be transmitted to PayPal. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR. To carry out this payment method, PayPal may then pass on the data to the respective provider. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR. Local third parties can be, for example:
- Immediately (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)
- giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main)
Purchase on account via PayPal
When paying via the purchase invoice payment method, the data required for payment processing is first transmitted to PayPal. To carry out this payment method, PayPal will then transmit the data to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR. Ratepay may carry out a credit report based on mathematical-statistical procedures (probability or score values) using credit agencies according to the process described above. The data processing serves the purpose of checking your creditworthiness to initiate a contract. The processing is carried out on the basis of Article 6 Paragraph 1 Letter f of the GDPR due to our overriding legitimate interest in protecting against non-payment if Ratepay makes advance payments. Further information on data protection and which credit agencies use Ratpay can be found at https://www.ratepay.com/legal-payment-dataprivacy/ (https://www.ratepay.com/legal-payment-dataprivacy/) and https:/ /www.ratepay.com/legal-payment-creditagencies/ (https://www.ratepay.com/legal-payment-creditagencies/).
Further information on data processing when using PayPal can be found in the associated data protection declaration at https://www.paypal.com/de/webapps/mpp/ua/privacy-full (https://www.paypal.com/de/webapps /mpp/ua/privacy-full).
Cookies
Our website uses cookies. Cookies are small text files that are stored in the Internet browser or by the Internet browser on a user's computer system. When a user accesses a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is accessed again.
Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting the appropriate technical settings in your internet browser, you can be notified before cookies are set and decide individually whether to accept them and prevent the storage of the cookies and the transmission of the data they contain. Cookies that have already been saved can be deleted at any time. However, we would like to point out that you may then not be able to fully use all of the functions of this website.
You can find out how you can manage cookies in the most important browsers (including deactivating them) using the links below:
Chrome: https://support.google.com/accounts/answer/61416?hl=de (https://support.google.com/accounts/answer/61416?hl=de)
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09 (https://support.microsoft.com /de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09)
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehne (https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehne)
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac (https://support.apple.com/de-de/guide/ safari/manage-cookies-and-website-data-sfri11471/mac)
Technically necessary cookies
Unless otherwise stated in the data protection declaration below, we only use these technically necessary cookies for the purpose of making our offering more user-friendly, effective and secure. Cookies also enable our systems to recognize your browser even after you change pages and to offer you services. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after a page change.
The use of cookies or comparable technologies is based on Section 25 Paragraph 2 TTDSG. Your personal data is processed on the basis of Article 6 Paragraph 1 Letter f of the GDPR due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offering.
You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation.
Plug-ins and others
Using Google Tag Manager
We use the Google Tag Manager from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application manages JavaScript tags and HTML tags, which are used to implement tracking and analysis tools in particular. The data processing serves the purpose of tailoring and optimizing our website.
The Google Tag Manager itself neither stores cookies nor processes personal data. However, it enables the triggering of additional tags that can collect and process personal data.
Further information on terms of use and data protection can be found here (https://www.google.com/intl/de/tagmanager/use-policy.html).
Use of Google reCAPTCHA
We use the reCAPTCHA service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website. The query serves the purpose of distinguishing between input by a human or by automated, machine processing. For this purpose, your input will be transmitted to Google and used there. In addition, the IP address and any other data required by Google for the reCAPTCHA service are transmitted to Google. This data is processed by Google within the European Union and may also be transmitted to Google LLC servers in the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google is not certified according to the TADPF. The data transfer is based, among other things, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks (https://policies.google.com/privacy/frameworks).
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Article 6 Paragraph 1 Letter a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent before its revocation.
Further information about Google reCAPTCHA and the associated data protection declaration can be found at: https://www.google.com/recaptcha/intro/android.html (https://www.google.com/recaptcha/intro/android.html) as well https://www.google.com/privacy (https://www.google.com/privacy).
Use of YouTube
We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube") on our website. YouTube is a partnership with Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google") affiliated company.
The function displays videos stored on YouTube in an iFrame on the website. The “Extended data protection mode” option is activated. This means that YouTube does not store any information about website visitors. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transferred to the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube is not certified according to the TADPF. The data transfer is based, among other things, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks (https://policies.google.com/privacy/frameworks).
Your personal data is processed on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in the needs-based and targeted design of the website. You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation.
Further information on the collection and use of data by YouTube and Google, your rights in this regard and options for protecting your privacy can be found in YouTube's data protection information at https://www.youtube.com/t/privacy (https://www .youtube.com/t/privacy).
Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing serves the purpose of uniformly displaying fonts on our website. In order to load the fonts, a connection to Google servers is established when the page is accessed. Cookies can be used here. Among other things, your IP address and information about the browser you use are processed and transmitted to Google. This data is not linked to your Google account.
Your data may be transferred to the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google is not certified according to the TADPF. The data transfer is based, among other things, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks (https://policies.google.com/privacy/frameworks).
Your personal data is processed on the basis of Article 6 Paragraph 1 Letter f of the GDPR due to our overriding legitimate interest in a user-friendly and aesthetic design of our website. For reasons arising from your particular situation, you have the right to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR by notifying us.
Further information on data processing and data protection can be found at https://www.google.de/intl/de/policies/ (https://www.google.de/intl/de/policies/) and at https:// developers.google.com/fonts/faq (https://developers.google.com/fonts/faq).
Use of Google Translate
We use the translation service on our website via an API integration
Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland).
The data processing serves the purpose of presenting the information provided on the website in another language. In order for the translation to be displayed automatically based on your choice of national language, the browser you use connects to Google's servers. Cookies can be used here. Among other things, the following information can be collected and processed: IP address, URL of the page visited, date and time.
Your data may be transferred to the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google is not certified according to the TADPF. The data transfer is based, among other things, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks (https://policies.google.com/privacy/frameworks).
Your personal data is processed on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in a barrier-free and universal accessibility design of the website. You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation. You can prevent the storage of cookies by selecting the appropriate technical settings in your browser software; However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
Further information on how Google collects and uses your data can be found at: https://www.google.com/policies/privacy/ (https://www.google.com/policies/privacy/).
Rights of those affected and storage period
Duration of storage
After the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then taking into account statutory retention periods, in particular tax and commercial law, and then deleted after the deadline has expired, unless you have agreed to further processing and use.
Rights of the data subject
If the legal requirements are met, you are entitled to the following rights in accordance with Articles 15 to 20 of the GDPR: right to information, to correction, to deletion, to restriction of processing, to data portability.
In addition, according to Art. 21 Para. 1 GDPR, you have the right to object to processing based on Art. 6 Para. 1 f GDPR, as well as to processing for the purpose of direct advertising.
Right to lodge a complaint with the supervisory authority
According to Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that your personal data is not being processed lawfully.
You can lodge a complaint with, among other things, the supervisory authority responsible for us, which you can reach using the following contact details:
State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Königstrasse 10 a
70173 Stuttgart
Tel.: +49 711 6155410
Fax: +49 711 61554115
Email: poststelle@lfdi.bwl.de
Right to object
If the personal data processing listed here is based on our legitimate interest in accordance with Article 6 Paragraph 1 Letter f of the GDPR, you have the right to object to this processing at any time with future effect for reasons arising from your particular situation.
After an objection has been made, the processing of the data concerned will be terminated unless we can demonstrate compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.
If personal data is processed for direct advertising purposes, you can object to this processing at any time by notifying us. After an objection has been made, we will stop processing the data concerned for the purpose of direct advertising.
last updated: July 13, 2023
Unless otherwise stated below, the provision of your personal data is neither required by law nor contractually, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide it has no consequences. This only applies if no other information is provided during subsequent processing operations.
“Personal data” means any information relating to an identified or identifiable natural person.
Server log files
You can visit our websites without providing any personal information.
Every time you access our website, usage data is transmitted to us or our web host/IT service provider through your Internet browser and stored in log data (so-called server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred and the requesting provider.
The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR out of our overriding legitimate interest in ensuring trouble-free operation of our website and in improving our offering.
Your data will be transmitted to Canada, among other places. There is an adequacy decision from the EU Commission for data transfers to Canada.
Contact
Responsible person
Contact us if you wish. The person responsible for data processing is: Michael Pasti, Reisachstraße 4, 70771 Leinfelden-Echterdingen Germany, +491737027510, michael.pasti@nastila.de
Initiative contact from the customer via email
If you initiate business contact with us via email, we will only collect your personal data (name, email address, message text) to the extent provided by you. The data processing serves to process and answer your contact request.
If the contact is used to carry out pre-contractual measures (e.g. advice if you are interested in buying, preparing an offer) or concerns a contract that has already been concluded between you and us, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter f of the GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR.
We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when using the contact form
When you use the contact form, we only collect your personal data (name, email address, message text) to the extent provided by you. The data processing serves the purpose of establishing contact.
If the contact is used to carry out pre-contractual measures (e.g. advice if you are interested in buying, preparing an offer) or concerns a contract that has already been concluded between you and us, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR. If contact is made for other reasons, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter f GDPR due to our overriding legitimate interest in processing and answering your request. In this case, you have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR. We only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when sending images via upload
We provide an upload function for image files on our website. This makes it possible to send images to us using encrypted data transmission. When you submit your images, we may only collect your personal data (image of an identifiable person) to the extent provided by you. The data processing serves the purpose of creating personalized products. The image sent serves as a template for the product and is used for this purpose (e.g. T-shirt printing). The processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR and is necessary for the fulfillment of a contract with you.
Your data may be passed on to service providers that we use for order processing. It will not be passed on to other third parties.
We will only use the image you send as part of the provision of the service. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Collection and processing when sending images by email
You have the option of sending us images by email in connection with ordering a personalized product.
When you submit your images, we may only collect your personal data (image of an identifiable person) to the extent provided by you. The data processing serves the purpose of creating personalized products. The image sent serves as a template for the product and is used for this purpose (e.g. T-shirt printing). The processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR and is necessary for the fulfillment of a contract with you.
Your data will not be passed on.
We will only use the image you send as part of the provision of the service. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
WhatsApp Business
If you contact us via WhatsApp, we use the WhatsApp Business version of WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "WhatsApp"). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and answer your contact request. For this purpose, we collect and process your mobile phone number stored on WhatsApp, your name if provided, and other data to the extent provided by you. For the service, we use a mobile device whose address book only stores data from users who have contacted us via WhatsApp. Personal data will not be passed on to WhatsApp without you having already given your consent to WhatsApp.
Your data will be transmitted by WhatsApp to Meta Platforms Inc. servers in the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. is not certified under the TADPF. The data transfer takes place, among other things, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard -contractual-clauses-scc_de (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de).
If the contact is used to carry out pre-contractual measures (e.g. advice if you are interested in buying, preparing an offer) or concerns a contract that has already been concluded between you and us, this data processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR.
If contact is made for other reasons, this data processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR for our overriding legitimate interest in providing quick and easy contact and in answering your request. In this case, you have the right, for reasons arising from your particular situation, to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR.
We only use your personal data to process your request. Your data will then be deleted in compliance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found at https://www.whatsapp.com/legal/#terms-of-service (https://www.whatsapp.com/legal/#terms-of-service ) and https://www.whatsapp.com/legal/#privacy-policy (https://www.whatsapp.com/legal/#privacy-policy).
Customer account orders
Customer account
When you open a customer account, we collect your personal data to the extent specified there. The data processing serves the purpose of improving your shopping experience and simplifying order processing. Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time by notifying us, without this affecting the lawfulness of the processing carried out based on your consent before its revocation. Your customer account will then be deleted.
Collection, processing and transfer of personal data when placing orders
When you place an order, we only collect and process your personal data to the extent that this is necessary to fulfill and process your order and to process your inquiries. The provision of the data is necessary for the conclusion of the contract. Failure to provide it will result in no contract being concluded. The processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR and is necessary for the fulfillment of a contract with you.
Your data will be passed on, for example, to the shipping companies and dropshipping providers you have chosen, payment service providers, service providers for order processing and IT service providers. In all cases we strictly observe the legal requirements. The amount of data transmission is limited to a minimum.
Your data will be transmitted to Canada, among other places. There is an adequacy decision from the EU Commission for data transfers to Canada.
Reviews advertising
Data collection when writing a comment or rating
When commenting/rating an article or post, we only collect your personal data (name, email address, comment text) to the extent you provide it. The processing serves the purpose of enabling comments/ratings and displaying comments/ratings.
By submitting the comment/review, you consent to the processing of the transmitted data. Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of the processing carried out based on your consent before its revocation. Your personal data will then be deleted.
When your comment is published, the name and email address you provided will be published.
Use of your personal data to send you postal advertising
We use your personal data (name, address), which we received in the context of selling a good or service, to send you postal advertising, unless you have objected to this use. The provision of this data is necessary for the conclusion of the contract. Failure to provide it will result in no contract being concluded.
The processing is carried out on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in direct advertising. You can object to this use of your address data at any time by notifying us. The contact details for exercising your objection can be found in the legal notice.
Use of the email address to send newsletters
Regardless of the contract processing, we use your email address exclusively for our own advertising purposes to send newsletters, provided you have expressly agreed to this. Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent before its revocation. You can unsubscribe from the newsletter at any time using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the distribution list.
Using Klaviyo
We use the service of Klaviyo Inc. (125 Summer St Floor 7, Boston, MA 02111, USA; "Klaviyo") to send the newsletter as part of order processing.
We pass on the information you provided when registering for the newsletter (email address, first and last name if applicable) to Klaviyo. The data processing serves the purpose of sending the newsletter and its statistical evaluation.
In order to evaluate newsletter campaigns, the newsletters sent contain a 1x1 pixel graphic (tracking pixel) or a tracking link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any integrated links. In this context, we collect your personal data such as IP address, browser type and device as well as the time. Usage profiles can be created from this data under a pseudonym. The data collected will not be used to identify you personally. The data collected is only used for statistical evaluation to improve newsletter campaigns.
Your data is usually transmitted to Klaviyo servers in the USA and stored there. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Klaviyo is not certified according to the TADPF. The data transfer takes place, among other things, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard -contractual-clauses-scc_de (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de).
Your personal data is processed on the basis of Article 6 Paragraph 1 Letter f of the GDPR due to our overriding legitimate interest in a targeted, advertising-effective and user-friendly newsletter system. You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation.
Further information on data protection at Klaviyo can be found at https://www.klaviyo.com/legal/privacy-notice (https://www.klaviyo.com/legal/privacy-notice) and at https://www.klaviyo .com/legal/data-processing-agreement (https://www.klaviyo.com/legal/data-processing-agreement).
Use of the mobile phone number to send SMS advertising
Regardless of the contract processing, we use your mobile phone number exclusively for our own advertising purposes to send SMS advertising, provided you have expressly agreed to this.
Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of the processing carried out based on your consent before its revocation. Your mobile phone number will then be removed from the distribution list.
Your mobile phone number will be passed on to a service provider for sending SMS messages as part of order processing.
Shipping service provider merchandise management
Passing on the email address to shipping companies for information about shipping status
We pass on your email address to the transport company as part of the contract processing, provided you have expressly agreed to this in the ordering process. The purpose of the transfer is to inform you by email about the shipping status. Processing is carried out on the basis of Article 6 Paragraph 1 Letter a GDPR with your consent. You can revoke your consent at any time by notifying us or the transport company, without affecting the lawfulness of the processing carried out based on your consent before its revocation.
Use of an external merchandise management system
We use an inventory management system to process the contract as part of order processing. For this purpose, your personal data collected as part of the order will be sent to
Billbee GmbH, Arolser Str. 10, 34477 Twistetal easybill GmbH, Düsselstr. 21, 41654 Kaarst
transmitted.
Payment service provider
Using PayPal Express
We use the PayPal Express payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the PayPal Express payment service. In order to integrate this payment service, it is necessary for PayPal to collect, store and analyze data (e.g. IP address, device type, operating system, browser type, location of your device) when you access the website. Cookies can also be used for this purpose. The cookies enable your browser to be recognized.
Your personal data is processed on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in a customer-oriented offer of various payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation.
By selecting and using PayPal Express, the data required for payment processing will be transmitted to PayPal in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR. Further information on data processing when using the PayPal Express payment service can be found in the associated data protection declaration at www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS (http://www.paypal .com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS).
Using PayPal Check-Out
We use the PayPal Check-Out payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of being able to offer you payment via the payment service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal or “Pay later” via PayPal, the data required for payment processing will be transmitted to PayPal in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR.
Credit card via PayPal, direct debit via PayPal & “Pay later” via PayPal
For individual payment methods such as credit card via PayPal, direct debit via PayPal or "Pay later" via PayPal, PayPal reserves the right to obtain credit information based on mathematical and statistical methods using credit agencies. For this purpose, PayPal sends the personal data required for a credit check to a credit agency and uses the information received about the statistical probability of non-payment to make a balanced decision about the establishment, implementation or termination of the contractual relationship. The credit report can contain probability values (score values) that are calculated on the basis of scientifically recognized mathematical-statistical methods and whose calculation includes, among other things, address data. Your concerns will be considered in accordance with the statutory provisions. The data processing serves the purpose of checking your creditworthiness to initiate a contract. The processing is carried out on the basis of Article 6 Paragraph 1 Letter f of the GDPR due to our overriding legitimate interest in protecting against non-payment if PayPal makes advance payments.
For reasons arising from your particular situation, you have the right to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR by notifying PayPal. The provision of the data is necessary for the conclusion of the contract with the payment method you require. Failure to provide this means that the contract cannot be concluded using the payment method you have chosen.
Third Party
If you pay using a third-party payment method, the data required to process the payment will be transmitted to PayPal. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR. To carry out this payment method, PayPal may then pass on the data to the respective provider. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR. Local third parties can be, for example:
- Immediately (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)
- giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main)
Purchase on account via PayPal
When paying via the purchase invoice payment method, the data required for payment processing is first transmitted to PayPal. To carry out this payment method, PayPal will then transmit the data to Ratepay GmbH (Franklinstraße 28-29, 10587 Berlin; "Ratepay") in order to be able to fulfill the contract with you using the selected payment method. This processing is carried out on the basis of Article 6 Paragraph 1 Letter b GDPR. Ratepay may carry out a credit report based on mathematical-statistical procedures (probability or score values) using credit agencies according to the process described above. The data processing serves the purpose of checking your creditworthiness to initiate a contract. The processing is carried out on the basis of Article 6 Paragraph 1 Letter f of the GDPR due to our overriding legitimate interest in protecting against non-payment if Ratepay makes advance payments. Further information on data protection and which credit agencies use Ratpay can be found at https://www.ratepay.com/legal-payment-dataprivacy/ (https://www.ratepay.com/legal-payment-dataprivacy/) and https:/ /www.ratepay.com/legal-payment-creditagencies/ (https://www.ratepay.com/legal-payment-creditagencies/).
Further information on data processing when using PayPal can be found in the associated data protection declaration at https://www.paypal.com/de/webapps/mpp/ua/privacy-full (https://www.paypal.com/de/webapps /mpp/ua/privacy-full).
Cookies
Our website uses cookies. Cookies are small text files that are stored in the Internet browser or by the Internet browser on a user's computer system. When a user accesses a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is accessed again.
Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting the appropriate technical settings in your internet browser, you can be notified before cookies are set and decide individually whether to accept them and prevent the storage of the cookies and the transmission of the data they contain. Cookies that have already been saved can be deleted at any time. However, we would like to point out that you may then not be able to fully use all of the functions of this website.
You can find out how you can manage cookies in the most important browsers (including deactivating them) using the links below:
Chrome: https://support.google.com/accounts/answer/61416?hl=de (https://support.google.com/accounts/answer/61416?hl=de)
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09 (https://support.microsoft.com /de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09)
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehne (https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehne)
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac (https://support.apple.com/de-de/guide/ safari/manage-cookies-and-website-data-sfri11471/mac)
Technically necessary cookies
Unless otherwise stated in the data protection declaration below, we only use these technically necessary cookies for the purpose of making our offering more user-friendly, effective and secure. Cookies also enable our systems to recognize your browser even after you change pages and to offer you services. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after a page change.
The use of cookies or comparable technologies is based on Section 25 Paragraph 2 TTDSG. Your personal data is processed on the basis of Article 6 Paragraph 1 Letter f of the GDPR due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offering.
You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation.
Plug-ins and others
Using Google Tag Manager
We use the Google Tag Manager from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
This application manages JavaScript tags and HTML tags, which are used to implement tracking and analysis tools in particular. The data processing serves the purpose of tailoring and optimizing our website.
The Google Tag Manager itself neither stores cookies nor processes personal data. However, it enables the triggering of additional tags that can collect and process personal data.
Further information on terms of use and data protection can be found here (https://www.google.com/intl/de/tagmanager/use-policy.html).
Use of Google reCAPTCHA
We use the reCAPTCHA service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website. The query serves the purpose of distinguishing between input by a human or by automated, machine processing. For this purpose, your input will be transmitted to Google and used there. In addition, the IP address and any other data required by Google for the reCAPTCHA service are transmitted to Google. This data is processed by Google within the European Union and may also be transmitted to Google LLC servers in the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google is not certified according to the TADPF. The data transfer is based, among other things, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks (https://policies.google.com/privacy/frameworks).
The use of cookies or comparable technologies takes place with your consent on the basis of Section 25 Paragraph 1 Sentence 1 TTDSG in conjunction with Article 6 Paragraph 1 Letter a GDPR. The processing of your personal data takes place with your consent on the basis of Art. 6 Para. 1 lit. a GDPR. You can revoke your consent at any time without affecting the lawfulness of the processing carried out based on your consent before its revocation.
Further information about Google reCAPTCHA and the associated data protection declaration can be found at: https://www.google.com/recaptcha/intro/android.html (https://www.google.com/recaptcha/intro/android.html) as well https://www.google.com/privacy (https://www.google.com/privacy).
Use of YouTube
We use the function for embedding YouTube videos from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "YouTube") on our website. YouTube is a partnership with Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; "Google") affiliated company.
The function displays videos stored on YouTube in an iFrame on the website. The “Extended data protection mode” option is activated. This means that YouTube does not store any information about website visitors. Only when you watch a video is information about it transmitted to YouTube and stored there. Your data may be transferred to the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube is not certified according to the TADPF. The data transfer is based, among other things, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks (https://policies.google.com/privacy/frameworks).
Your personal data is processed on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in the needs-based and targeted design of the website. You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation.
Further information on the collection and use of data by YouTube and Google, your rights in this regard and options for protecting your privacy can be found in YouTube's data protection information at https://www.youtube.com/t/privacy (https://www .youtube.com/t/privacy).
Use of Google Fonts
We use Google Fonts from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website.
The data processing serves the purpose of uniformly displaying fonts on our website. In order to load the fonts, a connection to Google servers is established when the page is accessed. Cookies can be used here. Among other things, your IP address and information about the browser you use are processed and transmitted to Google. This data is not linked to your Google account.
Your data may be transferred to the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google is not certified according to the TADPF. The data transfer is based, among other things, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks (https://policies.google.com/privacy/frameworks).
Your personal data is processed on the basis of Article 6 Paragraph 1 Letter f of the GDPR due to our overriding legitimate interest in a user-friendly and aesthetic design of our website. For reasons arising from your particular situation, you have the right to object at any time to this processing of your personal data based on Article 6 Paragraph 1 Letter f of the GDPR by notifying us.
Further information on data processing and data protection can be found at https://www.google.de/intl/de/policies/ (https://www.google.de/intl/de/policies/) and at https:// developers.google.com/fonts/faq (https://developers.google.com/fonts/faq).
Use of Google Translate
We use the translation service on our website via an API integration
Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland).
The data processing serves the purpose of presenting the information provided on the website in another language. In order for the translation to be displayed automatically based on your choice of national language, the browser you use connects to Google's servers. Cookies can be used here. Among other things, the following information can be collected and processed: IP address, URL of the page visited, date and time.
Your data may be transferred to the USA. The EU Commission has an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google is not certified according to the TADPF. The data transfer is based, among other things, on the basis of standard contractual clauses as appropriate guarantees for the protection of personal data, which can be viewed at: https://policies.google.com/privacy/frameworks (https://policies.google.com/privacy/frameworks).
Your personal data is processed on the basis of Art. 6 Para. 1 lit. f GDPR due to our overriding legitimate interest in a barrier-free and universal accessibility design of the website. You have the right to object to this processing of personal data concerning you at any time for reasons relating to your particular situation. You can prevent the storage of cookies by selecting the appropriate technical settings in your browser software; However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
Further information on how Google collects and uses your data can be found at: https://www.google.com/policies/privacy/ (https://www.google.com/policies/privacy/).
Rights of those affected and storage period
Duration of storage
After the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then taking into account statutory retention periods, in particular tax and commercial law, and then deleted after the deadline has expired, unless you have agreed to further processing and use.
Rights of the data subject
If the legal requirements are met, you are entitled to the following rights in accordance with Articles 15 to 20 of the GDPR: right to information, to correction, to deletion, to restriction of processing, to data portability.
In addition, according to Art. 21 Para. 1 GDPR, you have the right to object to processing based on Art. 6 Para. 1 f GDPR, as well as to processing for the purpose of direct advertising.
Right to lodge a complaint with the supervisory authority
According to Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that your personal data is not being processed lawfully.
You can lodge a complaint with, among other things, the supervisory authority responsible for us, which you can reach using the following contact details:
State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Königstrasse 10 a
70173 Stuttgart
Tel.: +49 711 6155410
Fax: +49 711 61554115
Email: poststelle@lfdi.bwl.de
Right to object
If the personal data processing listed here is based on our legitimate interest in accordance with Article 6 Paragraph 1 Letter f of the GDPR, you have the right to object to this processing at any time with future effect for reasons arising from your particular situation.
After an objection has been made, the processing of the data concerned will be terminated unless we can demonstrate compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.
If personal data is processed for direct advertising purposes, you can object to this processing at any time by notifying us. After an objection has been made, we will stop processing the data concerned for the purpose of direct advertising.
last updated: July 13, 2023