Data protection
Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor is it necessary for the conclusion of a contract. You are not obligated to provide the data. Failure to provide it will have no consequences. This only applies unless otherwise stated during the subsequent processing operations.
“Personal data” means any information relating to an identified or identifiable natural person.
contact
Person responsible
Please contact us if you wish. The person responsible for data processing is: Alexis Tsiamis, Albingerstr. 34, 44269 Dortmund , Germany, +49 176 73060987, info@tresor-schloss.de
Customer's proactive contact via email
If you initiate business contact with us via email, we will only collect your personal data (name, email address, message text) to the extent you provide it. This data processing serves to process and respond to your contact request.
If the contact serves to carry out pre-contractual measures (e.g. advice in the event of purchase interest, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 (1) (b) GDPR.
If contact is made for other reasons, this data processing is based on Art. 6 (1) (f) GDPR, based on our overriding legitimate interest in processing and responding to your inquiry. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time, for reasons arising from your particular situation.
We will only use your email address to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.
Collection and processing when sending images by email
You have the option of sending us pictures by email in connection with ordering a personalized product.
When you submit your images, we may collect your personal data (image of an identifiable person) only to the extent you have provided it. The data processing serves the purpose of creating personalized products. The submitted image serves as a template for the product and is used for this purpose (e.g., T-shirt printing). Processing is based on Art. 6 (1) (b) GDPR and is necessary for the fulfillment of a contract with you.
Your data will not be passed on.
We will only use the image you send us for the purpose of providing our services. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.
WhatsApp Business
If you contact us via WhatsApp, we use the WhatsApp Business version of WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; "WhatsApp"). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and respond to your contact request. For this purpose, we collect and process your mobile phone number stored with WhatsApp, your name if provided, and other data to the extent you provide it. We use a mobile device for the service, whose address book only stores data from users who have contacted us via WhatsApp. Personal data will therefore not be passed on to WhatsApp without your prior consent.
Your data will be transmitted by WhatsApp to Meta Platforms Inc. servers in the USA.
There is no adequacy decision from the EU Commission for the USA. Data transfers are based, among other things, on standard contractual clauses as appropriate safeguards for the protection of personal data, available at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de .
If the contact serves to carry out pre-contractual measures (e.g. advice in the event of purchase interest, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 (1) (b) GDPR.
If contact is made for other reasons, this data processing is based on Art. 6 (1) (f) GDPR, based on our overriding legitimate interest in providing quick and easy contact and answering your inquiry. In this case, you have the right to object to this processing of personal data concerning you based on Art. 6 (1) (f) GDPR at any time for reasons arising from your particular situation.
We use your personal data only to process your request. Your data will then be deleted in compliance with statutory retention periods unless you have consented to further processing and use.
Further information on terms of use and data protection when using WhatsApp can be found at https://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy .
Orders
Shipping service provider
Passing on the email address to shipping companies to inform them about the shipping status
We will share your email address with the shipping company as part of the contract processing, provided you have expressly consented to this during the ordering process. This sharing serves the purpose of informing you about the shipping status by email. Processing is carried out on the basis of Art. 6 (1) (a) GDPR with your consent. You can revoke your consent at any time by notifying us or the shipping company, without affecting the legality of the processing carried out on the basis of your consent until the revocation.
Payment service providers
Using PayPal
We use the PayPal payment service provided by PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. Data processing serves the purpose of offering you payment via the payment service. By selecting and using payment via PayPal, the data required for payment processing will be transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing is based on Art. 6 (1) (b) GDPR.
All PayPal transactions are subject to the PayPal Privacy Policy, which can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-full
We use the PayPal Express payment service provided by PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The purpose of this data processing is to offer you payment via the PayPal Express payment service. To integrate this payment service, PayPal must collect, store, and analyze data (e.g., IP address, device type, operating system, browser type, and device location) when you visit the website. Cookies may also be used for this purpose. Cookies enable the recognition of your browser.
Your personal data is processed on the basis of Art. 6 (1) (f) GDPR, based on our overriding legitimate interest in offering a customer-oriented range of payment methods. You have the right to object to this processing of personal data concerning you at any time for reasons arising from your particular situation.
By selecting and using PayPal Express, the data required for payment processing will be transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing is based on Art. 6 (1) (b) GDPR. Further information on data processing when using the PayPal Express payment service can be found in the associated privacy policy at www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS .
- Immediately (SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany)
- giropay (Paydirekt GmbH, Stephanstr. 14-16, 60313 Frankfurt am Main
Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full .
We use the payment service provider Mollie BV (Keizersgracht 313, 1016 EE Amsterdam, Netherlands; "Mollie") to process payments on our website. The purpose of this data processing is to offer you various payment methods through payment processing via the payment service provider Mollie. If you have chosen one of the payment options offered by the payment service provider Mollie, the data required for payment processing will be transmitted to Mollie. This includes your payment details (e.g., bank account number or credit card number), your IP address, your internet browser and device type, and in some cases, your first and last name, your address details, and information about the product or service you have purchased from us. This data processing is based on Art. 6 (1) (b) GDPR. Further information on data processing when using the payment service provider Mollie can be found in the associated privacy policy : https://www.mollie.com/de/privacy
Cookies
Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Use of Google Analytics 4
We use the web analysis service Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) on our website.
The data processing serves the purpose of analyzing this website and its visitors, as well as for marketing and advertising purposes. Google will use the information obtained on behalf of the website operator to evaluate your use of the website, to compile reports on website activity, and to provide the website operator with other services related to website activity and internet usage.
The following information may be collected, among others: IP address, date and time of the page visit, click path, information about the browser and device you use, pages visited, referrer URL (website from which you accessed our website), location data, and purchasing activities. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
Google uses technologies such as cookies, web storage in the browser and tracking pixels, which enable an analysis of your use of the website. The information generated in this way about your use of the website is usually transferred to a Google server in the USA and stored there. There is no adequacy decision from the EU Commission for the USA. The data is transferred on the basis of, among other things, standard contractual clauses as suitable guarantees for the protection of personal data, available at: https://policies.google.com/privacy/frameworks . Both Google and US government authorities have access to your data. Google may link your data with other data, such as your search history, your personal accounts, your usage data from other devices and any other data that Google has about you.
When using Google Analytics 4, the IP address transmitted from your website is automatically collected and processed in an anonymized form. Google will shorten the IP address beforehand within member states of the European Union or in other states party to the Agreement on the European Economic Area.
Your personal data is processed on the basis of Art. 6 (1) (f) GDPR, based on our overriding legitimate interest in tailoring the website to meet your needs and objectives. You have the right to object to this processing of personal data concerning you at any time for reasons related to your particular situation.
You can prevent Google from collecting the data generated by Google Analytics and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de
To prevent Google Analytics from collecting and storing data across all devices, you can set an opt-out cookie. Opt-out cookies prevent your data from being collected in the future when you visit this website. You must opt out on all systems and devices used for this to be effective. If you delete the opt-out cookie, requests will be sent to Google again. If you click here, the opt-out cookie will be set: Deactivate Google Analytics .
Further information on terms of use and data protection can be found at https://policies.google.com/technologies/partner-sites and at https://policies.google.com/privacy?hl=de&gl=de .
Rights of data subjects and storage period
Duration of storage
After the contract has been fully processed, the data will initially be stored for the duration of the warranty period, then in accordance with statutory retention periods, in particular those under tax and commercial law, and then deleted after the expiry of the period unless you have consented to further processing and use.
Rights of the data subject
If the legal requirements are met, you are entitled to the following rights under Articles 15 to 20 GDPR: Right to information, to rectification, to erasure, to restriction of processing, to data portability.
Furthermore, according to Art. 21 (1) GDPR, you have the right to object to processing based on Art. 6 (1) (f) GDPR and to processing for direct marketing purposes.
Right to lodge a complaint with the supervisory authority
According to Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is unlawful.
You can lodge a complaint with the supervisory authority responsible for us, which you can reach using the following contact details:
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
PO Box 20 04 44
40102 Düsseldorf
Phone: +49 211 384240
Fax: +49 211 38424999
Email: poststelle@ldi.nrw.de
Right of objection
If the personal data processing listed here is based on our legitimate interest pursuant to Art. 6 (1) (f) GDPR, you have the right to object to this processing at any time with future effect for reasons arising from your particular situation.
Once you have objected, the processing of the data in question will be stopped unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.
last updated: November 29, 2022