Datenschutzerklärung

Privacy policy

1. Name and contact details of the controller and the company data protection officer

The following information on data protection applies to data processing by:
Responsible: Sina Bez, Kartolomio, Münsterstraße 17, 48308 Senden, Germany; phone: 015150511274; e-mail: info@kartolomio.de.
An in-house data protection officer is not required.

2. Collection and storage of personal data as well as type and purpose of use

The legal basis for processing operations in which we obtain consent for a specific processing purpose is always Art. 6 (1) p. 1 lit. a DSGVO. Insofar as the processing of personal data is necessary for the performance of a contract (shipment of goods, provision of services) to which you are a party, the processing is based on Art. 6 (1) p. 1 lit. b DSGVO. The above legal basis also applies in the event of the implementation of pre-contractual measures (e.g. inquiries about our products or services). If our company is subject to a legal (statutory) obligation by which the processing of personal data becomes necessary and which has its basis in Union law or the law of the Member State to which we are subject, the processing is based on Art. 6 (1) sentence 1 lit. c DSGVO. Furthermore, the processing may be based on Art. 6 (1) p. 1 lit. d DSGVO if vital interests are affected (danger to life and limb and/or disasters). In addition, the legal basis for the processing of personal data may be Art. 6 para. 1 p. 1 lit. f DSGVO. In this case, we will inform you separately about our legitimate interest according to Art. 6 para. 1 p. 1 lit. f DSGVO.

a) Visiting our website

When you visit our website, your browser automatically sends information to the servers of our website, which is temporarily stored in a so-called log file. This is the following information:

IP address of the requesting computer
Date and time of access
Name and URL of the retrieved file
Website from which the access is made (referrer URL)
Browser used and, if applicable, the operating system of your computer as well as the name of your access provider

The data is stored until automatic deletion after seven days. We process this data for the following purposes:

Ensuring a trouble free connection of the website
Ensuring a comfortable use of our website
Evaluation of system security and stability
and for other administrative purposes

The data processing carried out by us is based on Art. 6 para. 1 p. 1 lit. f DSGVO as the legal basis. The purposes of data collection listed above justify our legitimate interest. We do not draw any conclusions about your person from the collected data. In addition, we use cookies and analysis services on our website, which are explained in more detail in sections 4 and 5 of this privacy policy.

b) Contact form

On our website there is a contact form, which you can use for questions of any kind. This type of data processing takes place according to Art. 6 para. 1 p. 1 lit. a DSGVO with your voluntary consent. A valid e-mail address is required so that we know the sender of the request and can answer it. All other information is voluntary. There is an automatic deletion of all personal data collected by us through the use of the contact form as soon as your request has been completed.

3. Disclosure of data

As a matter of principle, your personal data will not be forwarded to third parties. A forwarding only takes place in the following cases:

You have given express consent in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO for the forwarding to third parties;
According to Art. 6 (1) p. 1 lit. f DSGVO, the disclosure is necessary to protect our legitimate interests or those of a third party, in particular to assert or defend legal claims, and you have no overriding legitimate interest in not disclosing your data;
A legal obligation according to Art. 6 para. 1 p. 1 lit. c DSGVO exists; The data will be forwarded according to Art. 6 para. 1 p. 1 lit. b DSGVO for the processing of contractual relationships with you. In this case, your personal data will be passed on to third parties exclusively to the service partners involved in the processing of the contract, such as the logistics company commissioned with the delivery, the credit institution commissioned with payment matters or the service company responsible for merchandise management and accounting, insofar as this is absolutely necessary for the fulfillment and processing of the contract. In cases where data is passed on to third parties, the scope of the data passed on is limited to the minimum required for the execution of the contract.

4. Cookies

Our website uses cookies. Cookies are text files that are placed and stored on a computer system via an Internet browser. They enable websites and servers to recognize and identify your browser. We do not have direct knowledge of your identity. Through the use of cookies, we can provide you, the user, with special services that would not be possible without the cookie. The use of temporary cookies makes it easier to use the website, as you do not have to re-enter your access data each time you visit the website, for example, or re-populate the shopping cart of an online store. So-called session cookies allow us to see which individual pages of our website you have already visited. These are automatically deleted after you leave our website. We also use cookies for statistical purposes. They record the use of our website and in this way we can optimize our offer for you (see point 5). These cookies are automatically deleted after a defined period of time. The data processed by cookies are necessary for the aforementioned purposes and serve to protect our legitimate interests as well as those of third parties in accordance with Art. 6 (1) p. 1 lit. f DSGVO. As a data subject, you can counteract the setting of cookies by our website at any time by means of an appropriate setting of your Internet browser and thus permanently object to the setting of cookies. Cookies that have already been set can be deleted at any time using an Internet browser or other software programs. We would like to point out that deactivating the setting of cookies may mean that you cannot use all the functions of our website.

5. Analysis tools and tracking tools

The legal basis for the use of the following tools is Art. 6 para. 1 p. 1 lit. f DSGVO. Only with these measures can a needs-based design and continuous optimization of our website be ensured. In addition, this allows us to compile statistics on the use of our website and continuously optimize our offer. These interests are to be regarded as legitimate within the meaning of the aforementioned provision. The respective purposes of data processing and the type of data can be found in the corresponding tracking tools.

a) Google Analytics

We use Google Analytics, a web analytics service provided by Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google"), to design and continuously optimize our website to meet user needs. The tool creates pseudonymized usage profiles and uses cookies for this purpose (see under point 4), which generate the following information:

Browser type/version
Operating system used
Referrer URL (the previously visited page)
Hostname of the accessing computer (IP address)
Time of the server request

This information is transferred to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on the activities of the website and to provide other services associated with the use of the website and the Internet for the purposes of market research and the design of these Internet pages to meet requirements. If necessary, this information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. However, the IP addresses are anonymized so that an assignment is not possible (IP masking). Google will not link your IP address with other data. As shown under point 4, the installation of cookies can be prevented by an appropriate setting of the browser software, which may, however, influence the use of the website. The data collection by this tool can also be prevented by a browser add-on, which you can find at the following link: https://tools.google.com/dlpage/gaoptout. On mobile devices, you can simply click on the link to prevent Google Analytics from collecting data. For our website, this sets an opt-out cookie on your device. This will remain in place until you delete it. For more information on data protection in connection with Google Analytics, please refer to the "Help" information provided under the following link: https://support.google.com/analytics/answer/6004245?hl=de. We have concluded the required commissioned data processing agreement with Google. The contract defines the subject and duration of the processing, the type and purpose of the processing, the type of personal data, the categories of data subjects and the obligations and rights incumbent on us under the GDPR. The contract ensures that Google is bound to us to comply with these obligations accordingly. The processing of your data by Google is carried out exclusively on our instructions. We have ensured that Google provides sufficient guarantees that appropriate technical and organizational measures are implemented in such a way that the processing is carried out in accordance with the requirements of the GDPR and ensures the protection of the rights of the data subjects. The Processor shall not use any other Processor without our prior separate or general written consent.

IP anonymization

We have activated the IP anonymization function on this website. This means that your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

Objection to data collection

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set that prevents the collection of your data during future visits to this website: Deactivate Google Analytics.

For more information on how Google Analytics handles user data, please see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Order data processing

We have concluded an order data processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

6. Social Media Plug-ins

On the basis of Art. 6 (1) p. 1 lit. f DSGVO, we use social plug-ins of the social network Facebook to increase our awareness on our website. This promotional purpose is to be classified as a legitimate interest within the meaning of the DSGVO. The respective providers of the plug-ins are responsible for the data protection compliant operation. We try to protect visitors to our website as best as possible by integrating the plug-ins using the so-called two-click method.

Facebook

Social media plug-ins from Facebook in the form of the "LIKE" or "SHARE" buttons are used on our website. This is an offer from Facebook. When you visit a page of our website that contains such a plug-in, your browser establishes a direct connection with the Facebook servers. The content of the plug-in is transmitted by Facebook directly to your browser, which then integrates it into the website. By integrating the plug-ins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there. If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plug-ins, for example by clicking the "LIKE" or "SHARE" button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends. Facebook may use this information for the purposes of advertising, market research and demand-oriented design of the Facebook pages. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook. If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website. For the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to Facebook's privacy policy, which you can find under the following link: https://www.facebook.com/about/privacy/

7. Rights of Data Subjects

The new General Data Protection Regulation has significantly expanded your rights. These are listed below and briefly explained, citing the legal basis.

Information, Art. 15 DSGVO: You have the right to request information about your personal data processed by us. This includes, for example, information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, and about the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
Right to rectification, Art. 16 DSGVO: You can immediately request the correction of incorrect or completion of your personal data stored by us;
Right to erasure ("right to be forgotten"), Art. 17 DSGVO: You have a right to have your personal data stored by us erased, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
Right to restriction of processing, Art. 18 DSGVO: You may request that the processing of your personal data be restricted. The prerequisite is that the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer need the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 DSGVO (No. 8);
Right to data transfer, Art. 20 DSGVO: You may request to receive the personal data you have provided to us in a structured, commonly used and machine-readable format or to have it transferred to another controller;
Revocation of consent, Art. 7 (3) DSGVO: You may revoke your consent once given to us at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future. However, this does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation;
Right of complaint, Art. 77 DSGVO: You have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of your personal data violates data protection regulations. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office for this purpose.

8. Right of Objection

You also have the right to object according to Art. 21 DSGVO. This applies to your personal data that is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. e or f DSGVO and insofar as there are grounds for objecting to the processing that arise from your particular situation. If the objection is directed against direct marketing, you have an unrestricted right to object, even without specifying a particular situation. You can assert your right to object and also your other rights, for example, by sending an e-mail to info@kartolomio.de.

9. Data Security

For our website, we use the widespread SSL (Secure Socket Layer) procedure in conjunction with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the closed key or lock symbol in the lower status bar of your browser. It is important to us to protect your data. Therefore, we take appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

10. Use of PayPal

All PayPal transactions are subject to the PayPal privacy policy. You can find this under https://www.paypal.com/de/webapps/mpp/ua/privacy-prev

11. Transport Service Provider

We offer the service "Parcel notification from DHL". If the goods are delivered by the transport service provider DHL (Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn, Germany), the user's e-mail address will be forwarded to DHL in accordance with Art. 6 Para. 1 lit. a DSGVO prior to delivery of the goods for the purpose of coordinating a delivery date or for delivery notification, provided that the user has given his express consent for this in the ordering process. Otherwise, only the name of the recipient and the delivery address will be passed on to DHL for the purpose of delivery in accordance with Art. 6 Para. 1 lit. b DSGVO. The disclosure will only be made to the extent necessary for the delivery of goods. In this case, prior coordination of the delivery date with DHL or the delivery notification is not possible.

Consent may be revoked at any time with effect for the future vis-à-vis the responsible person named above or vis-à-vis the transport service provider DHL. Information on DHL's data protection can be viewed at http://www.dhl.de/de/toolbar/footer/datenschutz.html.

12. Server-Logfiles

You can visit our websites without providing any personal information. Every time you access our website, usage data is transmitted by your internet browser and stored in log data (server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the volume of data transferred and the requesting provider. This data is used exclusively to ensure the trouble-free operation of our website and to improve our services. An assignment of this data to a specific person is not possible. All PayPal transactions are subject to the PayPal privacy policy. You can find this under https://www.paypal.com/de/webapps/mpp/ua/privacy-prev

13. Automated Decision-Making

Automatic decision-making or profiling does not take place.

Aktueller Stand: Ende November 2022

Cookie	Dauer	Beschreibung
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.