Go to homepage
€0.00*

Zur Datenschutzerklärung in deutscher Sprache:
https://www.wunsch1.de/Info/Datenschutzerklaerung/

Privacy Policy


1) Information on the collection of personal data and contact details of the controller

1.1 We are pleased that you are visiting our online presence (hereinafter “website”) and thank you for your interest. In the following, we will inform you about how we handle your personal data when you use our website. Personal data is all data with which you can be personally identified.

1.2 The controller within the meaning of data protection law is Mikail Sakalsiz, Liebigstr. 10, 44627 Herne, Germany, e-mail: [email protected]. The controller responsible for the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

2) Making contact

2.1

Personal data is collected when you contact us (e.g. via contact form or email). Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after final processing of your request; this is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

2.2 Communication via WhatsApp

For communication with our customers and other third parties, we use the instant messaging service WhatsApp, among others. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Communication takes place via end-to-end encryption (peer-to-peer), which prevents WhatsApp or other third parties from gaining access to the communication content. However, WhatsApp receives access to metadata that is created in the course of the communication process (e.g. sender, recipient and time). We would also like to point out that WhatsApp states that it shares the personal data of its users with its parent company Meta, which is based in the USA. Further details on data processing can be found in WhatsApp's privacy policy at: https://www.whatsapp.com/legal/#privacy-policy.

WhatsApp is used on the basis of our legitimate interest in communicating as quickly and effectively as possible with customers, interested parties and other business and contractual partners (Art. 6 para. 1 lit. f GDPR). If a corresponding consent has been requested, the data processing takes place exclusively on the basis of the consent; this can be revoked at any time with effect for the future.

The communication content exchanged between you and us on WhatsApp will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular retention periods - remain unaffected.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/7735.

We use WhatsApp in the “WhatsApp Business” version.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.whatsapp.com/legal/business-data-transfer-addendum.


3) Data processing for order processing

The personal data collected by us will be passed on to the transport company commissioned with the delivery as part of the contract processing, insofar as this is necessary for the delivery of the goods. We pass on your payment data to the commissioned credit institution within the scope of payment processing, insofar as this is necessary for payment processing. If payment service providers are used, we will provide explicit information about this below.

If necessary, we provide our service providers with further data, which they use together with the data necessary for processing the payment as our processors for the purpose of fraud prevention and the optimization of our payment processes (e.g. invoicing, processing of disputed payments, accounting support). In accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, this serves to safeguard our legitimate interests in our protection against fraud and efficient payment management, which predominate in the context of a balancing of interests.

4) Access data and hosting

4.1

You can visit our websites without providing any personal data. Each time a website is accessed, the web server only automatically saves a so-called server log file, which contains, for example, the name of the requested file, your IP address, the date and time of access, the amount of data transferred and the requesting provider (access data) and documents the access. This access data is analyzed exclusively for the purpose of ensuring trouble-free operation of the site and improving our offer. This serves to safeguard our legitimate interests in a correct presentation of our offer in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, which predominate in the context of a balancing of interests.

4.2 Hosting

The services for hosting and displaying the website are partly provided by our service providers as part of processing on our behalf. Unless otherwise stated in this privacy policy, all access data and all data collected in the forms provided on this website will be processed on their servers.

5) Customer account

If you have given your consent to this in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR by deciding to open a customer account, we will use your data for the purpose of opening a customer account and storing your data for further future orders on our website. Deletion of your customer account is possible at any time and can be done either by sending a message to the contact option described in this privacy policy or via a function provided for this purpose in the customer account. After deletion of your customer account, your data will be deleted unless you have expressly consented to further use of your data in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.


6) Cookies and other technologies

6.1 General information

In order to make visiting our website attractive and to enable the use of certain functions, we use technologies on various pages, including so-called cookies. Cookies are small text files that are automatically stored on your end device. Some of the cookies we use are deleted again at the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognize your browser on your next visit (persistent cookies). Protection of privacy on end devices When using our online offer, we use absolutely necessary technologies to be able to provide the expressly requested telemedia service. The storage of information in your end device or access to information that is already stored in your end device does not require consent in this respect. For functions that are not absolutely necessary, the storage of information in your end device or access to information that is already stored in your end device requires your consent. We would like to point out that if you do not give your consent, parts of the website may not be fully usable. Any consent you have given will remain in place until you adjust or reset the respective settings on your device. Any downstream data processing by cookies and other technologies We use technologies that are absolutely necessary for the use of certain functions of our website (e.g. shopping cart function). These technologies collect and process the IP address, time of visit, device and browser information as well as information about your use of our website (e.g. information about the contents of the shopping cart). In the context of a balancing of interests, this serves overriding legitimate interests in an optimized presentation of our offer in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR.

6.2 Cookie settings

You can find the cookie settings for your browser under the following links Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™ If you have consented to the use of technologies in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, you can revoke your consent at any time by sending a message to the contact option described in the data protection declaration.

7) Cloudflare

We use the “Cloudflare” service. The provider is Cloudflare Inc, 101 Townsend St., San Francisco, CA 94107, USA (hereinafter referred to as “Cloudflare”).

Cloudflare offers a globally distributed content delivery network with DNS. The information transfer between your browser and our website is technically routed via the Cloudflare network. This enables Cloudflare to analyze the data traffic between your browser and our website and to serve as a filter between our servers and potentially malicious data traffic from the Internet. Cloudflare may also use cookies or other technologies to recognize Internet users, but these are used solely for the purpose described here.

The use of Cloudflare is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6 para. 1 lit. f GDPR).

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.cloudflare.com/privacypolicy/.

Further information on security and data protection at Cloudflare can be found here: https://www.cloudflare.com/privacypolicy/.

The company is certified according to the “EU-US Data Privacy Framework” (DPF), an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant- detail?contact=true&id=a2zt0000000GnZKAA0&status=Active

Order processing We have concluded an order processing contract (AVV) for the use of the above-mentioned service, which is a contract prescribed by data protection law and ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

8) Newsletter

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected, or only on a voluntary basis.

9) Analysis and statistics

Purpose of processing: Together with our store software service provider, we evaluate certain information of our customer base under joint responsibility (e.g. the customer group, pages visited, click paths, date and time of the visit, information about the end device used (resolution, resolution density, operating system), referrer URL, information of the browser used, locale, search queries and the time zone). This information is processed by an external service provider and forwarded to us in approximate real time so that we can monitor the use of our website and improve our offerings.

Legal basis: Art. 6 para. 1 letter f GDPR
Data categories: Derived from master and contact data (the customer group, no individual customer data), usage data, connection data
Recipient of the data: shopware AG, Ebbinghoff 10, 48624 Schöppingen, Germany (as joint controller), IT service provider
The essence of joint responsibility: Joint responsibility exists between us and shopware AG; the data is collected on our store and then transferred to servers of shopware or its service providers; with the exception of obtaining your consent for the use of cookies or comparable technologies and the fulfillment of these information obligations, all obligations, in particular the implementation of the rights of data subjects, are the responsibility of shopware AG, which you can reach at [email protected]. You can also assert your data subject rights with us; we will then forward your request to shopware AG accordingly. shopware AG can derive behavior patterns on our store from the data collected, but cannot assign this data to you as a person.
Intended third country transfer: None
Do we store or read personal data on your end device based on your consent? Yes, see Consent Management for details.
10) External links to social media platforms
On our website you will find links to our company presence on various social media platforms (e.g. Facebook, Instagram, YouTube, Pinterest, TikTok, X). If you click on such a link, a direct connection is established between your your browser and the servers of the respective social media service. established.
The following information is transmitted to the provider transmitted:
  • Address of the website on which the activated link is located
  • Date and time the link was accessed or activated
  • Information about the browser and operating system used
  • Your IP address
If If you are already logged in to the corresponding social media social media service at the time you click on the link, the provider may be able to possibly use this data to determine your user name and, if applicable, your real name and assign this information to your personal user account. user account. 
11) Rights of the data subject 
11.1 The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, about which we inform you below: Right of access pursuant to Art. 15 GDPR; Right to rectification pursuant to Art. 16 GDPR; Right to erasure pursuant to Art. 17 GDPR; Right to restriction of processing pursuant to Art. 18 GDPR; Right to information pursuant to Art. 19 GDPR; Right to data portability pursuant to Art. 20 GDPR; Right to withdraw consent granted pursuant to Art. 7 para. 3 GDPR; Right to lodge a complaint pursuant to Art. 77 GDPR.
11.2 RIGHT TO OBJECT
IF WE PROCESS YOUR PERSONAL DATA AS PART OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME WITH EFFECT FOR THE FUTURE ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION. IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS. IF YOUR PERSONAL DATA IS PROCESSED BY US FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING. YOU CAN EXERCISE YOUR RIGHT TO OBJECT AS DESCRIBED ABOVE. IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.
12) Duration of storage of personal data
The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and - if relevant - additionally by the respective statutory retention period (e.g. retention periods under commercial and tax law). When processing personal data on the basis of express consent in accordance with Art. 6 para. 1 lit. a GDPR, this data is stored until the data subject withdraws their consent. If there are statutory retention periods for data that is processed within the scope of legal or similar obligations on the basis of Art. 6 para. 1 lit. b GDPR, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for contract fulfillment or contract initiation and/or we no longer have a legitimate interest in further storage. When processing personal data on the basis of Art. 6 para. 1 lit. f GDPR, this data is stored until the data subject exercises their right to object in accordance with Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f GDPR, this data is stored until the data subject exercises their right to object in accordance with Art. 21 para. 2 GDPR. Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.
  
 This website uses cookies to ensure the best experience possible. More information...