Privacy Policy

Below, we inform you about the processing of your personal data by us. Personal data as defined by Art. 4 of the GDPR includes all information relating to an identified or identifiable natural person (such as name, address, phone number, email, invoices, bank details, etc., as well as your user behavior). Contents:

  • Contact details
  • Legality of processing personal data
  • Collection and storage of personal data and the nature and purpose of their use
  • Duration of storage and deletion of data
  • Transfer of data to third parties
  • Hosting
  • Cookies
  • Payment service providers
  • Credit assessments
  • Analysis services
  • Social media services
  • Other online services
  • Rights of data subjects
  • Right to object
  • Data security
  • Current status and amendment of this privacy policy

    1. Contact Details

      This privacy information applies to data processing by the following controller:

      Responsible Party: QUADRO DER GROSSBAUKASTEN GmbH
      Address: Am Schilfpark 13, 21029 Hamburg
      Email: info@quadroshop.com
      Phone: +49 (0)40 7900 5080
      Fax: +49 (0)40 5298 2332

        2. Legality of Processing Personal Data

          We generally collect and use personal data of our users only as necessary to provide a functional website as well as our content and services. The collection and use of our users' personal data are generally undertaken only with the user’s consent. An exception applies in cases where prior consent cannot be obtained for real reasons and the processing of the data is permitted by statutory regulations. According to Article 6 of the General Data Protection Regulation (GDPR), the processing of personal data is lawful if one or more of the following applies:

          • You have given explicit consent to the processing as per Art. 6 Para. 1 S. 1 lit. a GDPR,
          • The processing is necessary for the performance of a contract with you, or for carrying out pre-contractual measures that occur upon your request as per Art. 6 Para. 1 S. 1 lit. b GDPR,
          • Processing is necessary to protect the vital interests of you or another natural person as per Art. 6 Para. 1 S. 1 lit. d GDPR,
          • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us as per Art. 6 Para. 1 S. 1 lit. e GDPR,
          • Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data as per Art. 6 Para. 1 S. 1 lit. f GDPR.

            3. Collection and Storage of Personal Data as well as the Nature and Purpose of Their Use

                During the use of our website, we may process personal data such as contact data, usage data, and communication data from the users of our website (which may be customers, prospects, or visitors). This is done, among other purposes, to provide a functioning online offer, to communicate with users of our website, to process contact requests or customer inquiries, and for the purpose of contract performance. Additionally, data may be collected and processed for marketing purposes.

                We inform you below about the data that can be collected from you and for what purposes it can be processed. When visiting the website:

                When accessing our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called logfile. The following information is recorded without your intervention and stored until automated deletion:

                • IP address of the requesting computer,
                • Date and time of access,
                • Name and URL of the retrieved file,
                • Website from which access is made (referrer URL),
                • The browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

                The data mentioned are processed by us for the following purposes:

                • Ensuring a smooth connection setup of the website,
                • Ensuring comfortable use of our website,
                • Evaluation of system security and stability as well as
                • For further administrative purposes.

                The legal basis for data processing is Art. 6 Para. 1 S. 1 lit. f GDPR. Our legitimate interest follows from the purposes listed above for data collection. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person. Furthermore, we use cookies and online services when visiting our website. More detailed explanations can be found in this privacy policy. Pre-contractual inquiries/Contract fulfillment:

                We process personal data that we receive from you during pre-contractual inquiries and in the course of our business relationship. For example, the following personal data may be collected and processed by us: salutation, first and last name, address, telephone number, email address, IBAN / credit card number along with the verification number (only if necessary for payment processing). Furthermore, data may be transferred to third parties (see point 5 "Transfer of Data to Third Parties" in this privacy policy).

                The processing and storage of your submitted data are based on Art. 6 Para. 1 S. 1 lit. b GDPR for the purpose of fulfilling a contract or carrying out pre-contractual measures. In other cases, we process and store your data based on your consent according to Art. 6 Para. 1 S. 1 lit. a GDPR and due to our legitimate interest in processing the inquiries directed to us according to Art. 6 Para. 1 S. 1 lit. f GDPR.

                When signing up for our newsletter:

                You have the option to sign up for our newsletter. For this purpose, we need your email address and, as a voluntary entry for addressing you in the newsletter, your name. We use the so-called double opt-in procedure. Therefore, after signing up, you will receive an email from us requesting you to confirm your registration. By clicking the activation link contained in the email, you confirm being the owner of the email address and that you wish to receive the newsletter. If you have given your explicit consent, we use your email address based on your consent according to Art. 6 Para. 1 S. 1 lit. a GDPR to send you our newsletter regularly with information about our offers. If you do not confirm the activation link within three weeks, we will delete the email address registered for the newsletter. The collected data is used solely for sending the newsletter and documenting your consent. With the newsletter registration, we store your IP address and the date of registration. This storage is solely for proof in case a third party misuses an email address and registers for newsletter reception without the knowledge of the entitled party. We work with a mailing service provider for sending our newsletters. The data is usually transferred directly to the servers of the mailing service provider, possibly in the USA, and stored there. The mailing service provider uses this data for sending and statistically evaluating the newsletters on our behalf. In the context of success measurement, our newsletters contain so-called web beacons (small invisible graphics) to collect information. These are pixel-sized files retrieved from the servers of the mailing service provider when opening the emails. This can be seen, for example, whether the email has been opened. Technical data, such as the IP address, browser type, or the time of retrieval, are also recorded. The evaluation of these data is carried out exclusively to evaluate the reading behavior of our newsletter recipients so that the content can be adapted to the interests of the newsletter recipients. A separate revocation from the success measurement is not possible. If you do not wish success measurement, please unsubscribe from the entire newsletter subscription. The use of a mailing service provider for newsletter sending as well as the success measurement is based on our legitimate interests according to Art. 6 Para. 1 S. 1 lit. f GDPR for an efficient, user-friendly, and secure newsletter system. A data processing agreement according to Art. 28 Para. 3 S. 1 GDPR has been concluded. You can unsubscribe from the newsletter at any time and revoke your given consent, resulting in the deletion of the data stored for newsletter reception, and you will no longer receive newsletters from us. Data stored with us for other purposes remains unaffected by this. You can declare the revocation by clicking on the unsubscribe link provided in each newsletter email or by sending a message to the contact details provided in the imprint.

                Mailing service provider:
                Shopify
                The sending of our newsletters is carried out by the mailing service provider Shopify International Limited, Victoria Buildings, 2nd floor, 1-2 Haddington Road, Dublin 4, DO4 XN32, Ireland. The privacy policy of Shopify can be viewed here: https://www.shopify.com/legal/privacy


                When setting up a customer account

                You have the option to register with us and set up a customer account. The necessary data (such as name, address, and email) are marked accordingly on the input form. In the customer account, your personal data is stored for the purpose that you do not have to re-enter these data during a later visit to our website and further orders, thus simplifying the ordering process. The customer account is protected by a password chosen by you. You can delete your customer account at any time and revoke your given consent, resulting in the irrevocable deletion of the data stored in the customer account unless statutory retention periods prevent this. A message to the contact details provided in the imprint (also possible via email) is sufficient for this. The processing and storage of your submitted data are based on Art. 6 Para. 1 S. 1 lit. a GDPR in the context of your previously given consent and on Art. 6 Para. 1 S. 1 lit. b GDPR in the context of contract fulfillment.

                4. Duration of Storage and Data Deletion

                Personal data is generally stored only as long as necessary for the purpose for which you have entrusted us with the data. Afterward, the data is permanently deleted. If, however, there are statutory retention periods for storing personal data, we store it for as long as we are legally obliged to do so. Such obligations regularly arise from legal proof and retention obligations, which are regulated, among others, in the Commercial Code and the Tax Code, for tax purposes, for example, ten years. After the statutory retention period expires, the data is permanently deleted. A granted consent to the processing and storage of your personal data according to Art. 6 Para. 1 S. 1 lit. a GDPR can be revoked at any time with the effect that the data - unless statutory retention periods oppose - are permanently deleted. Further rights, which can prohibit us from processing your personal data, arise from Art. 21 Para. 1 and Para. 2 GDPR. Information on the resulting right to object can be found in this privacy policy under item 14 "Right to Object".

                5. Transfer of Data to Third Parties

                We transfer your personal data to third parties only if:

                • You have given your explicit consent to do so according to Art. 6 Para. 1 S. 1 lit. a GDPR,
                • The transfer is necessary to protect our legitimate interests or those of a third party, such as exercising, defending, or asserting legal claims, as per Art. 6 Para. 1 S. 1 lit. f GDPR, unless your interests or fundamental rights and freedoms, which require the protection of personal data, prevail,
                • There is a legal obligation for the transfer according to Art. 6 Para. 1 S. 1 lit. c GDPR,
                • The transfer is necessary for payment processing according to Art. 6 Para. 1 S. 1 lit. b GDPR to the payment service provider tasked with payment processing and according to Art. 6 Para. 1 S. 1 lit. f GDPR within the framework of our legitimate interests to offer reliable and secure payment processes, and,
                • It is legally permissible and necessary for the execution of contractual relationships with you according to Art. 6 Para. 1 S. 1 lit. b GDPR, such as transferring address data to a transport company.

                Data can also be transferred to a drop shipper who then sends the goods to you on our behalf. If you order goods to be sent to an address other than yours, this is based on our legitimate interests according to Art. 6 Para. 1 S. 1 lit. f GDPR for proper execution of the contractual relationship. If necessary, a data processing agreement according to Art. 28 Para. 3 S. 1 GDPR has been concluded with the service provider used. In case personal data of the customer is processed in a third country (outside the EU), this occurs within the framework of the customer's previously granted consent, in the context of contract fulfillment, or due to existing legal obligations. The possible transfer takes place while observing the legal requirements. In particular, the regulations of Art. 44 to Art. 49 GDPR apply.

                 

                6. Hosting

                This website is hosted by an external service provider. Personal data collected on this website is stored on the host's servers, possibly in the USA. This may primarily include IP addresses, contact inquiries, communication data, contract data, contact data, website accesses, and other data generated via a website. Our host will process your data only to the extent necessary to fulfill its service obligations and to follow our instructions regarding this data.
                A data processing agreement according to Art. 28 Para. 3 S. 1 GDPR has been concluded with the host. The use of the host is for the purpose of contract fulfillment towards our potential and existing customers according to Art. 6 Para. 1 lit. b GDPR and in the interest of a secure, fast, and effective provision of our online offer according to Art. 6 Para. 1 S. 1 lit. f GDPR.

                Host
                Shopify
                We host our website with the following service provider: Shopify International Limited, Victoria Buildings, 2nd floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"). Data can also be transferred in the context of further processing on behalf of Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc., or Shopify (USA) Inc. Further information on Shopify's privacy policy can be found at: https://www.shopify.com/legal/privacy

                We use cookies on our website. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause damage to your device, do not contain viruses, trojans, or other malware. In the cookie, information is stored, which in each case arises in connection with the specifically used terminal device. Necessary cookies are used for the operation of the website, which ensure a smooth function of the website and are not subject to consent. The use of these cookies serves to make the use of our offer more pleasant for you. Thus, we use so-called session cookies. A session ID is generated, which assigns the session to the user and is temporarily stored. This allows several windows of our website to be opened and assigned to the same user, keeping login data or the contents of the shopping cart. Session cookies are deleted when closing the browser. Furthermore, we can use functional cookies. These cookies store settings made during your last visit to the website, such as language selection or internal bookmarks, so that these do not have to be selected again. Future visits to our website can thus be made more pleasant. In addition, so-called performance cookies may be used. These contain information about the use of our website. For example, we can recognize how often and how long our website is visited and which subpages are visited. This allows us to see which areas of our website are particularly interesting for the user. Performance cookies enable the analysis of your surfing behavior for the purpose of optimizing our online offer. Conclusions about you as a user are not possible. Marketing cookies from third parties may be set on your device. The purpose is to analyze user behavior over several websites over a longer period of time in the context of online marketing to place personalized advertising accordingly. You can configure your browser settings according to your wishes and refuse the acceptance of cookies. We would like to point out that you may not be able to use all functions of this website. The use of cookies is either based on your consent according to Art. 6 Para. 1 S. 1 lit. a GDPR or within the framework of our legitimate interests in a functional website according to Art. 6 Para. 1 S. 1 lit. f GDPR.

                8. Payment Service Providers

                The processing of personal data by a payment service provider is based on Article 6(1)(b) of the GDPR for the purpose of contract processing and only to the extent necessary, as well as within our legitimate interests according to Article 6(1)(f) of the GDPR, to offer you reliable and secure payment processes. The responsibility for the data protection-compliant handling of the data collected and processed by the payment provider lies with the respective payment provider.

                PayPal When paying using a payment method provided by PayPal (direct debit, credit card, installment payment, or purchase on account), the payment processing is carried out via the payment service provider PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg ("PayPal"). If you choose a payment method from PayPal, you will be redirected to PayPal's website. For the use of this service, PayPal collects, processes, and stores transaction data, such as the amount paid, technical usage data, and location data. PayPal reserves the right to perform a credit check for the aforementioned payment methods. For this purpose, your payment data may be passed on to credit agencies based on Article 6(1)(f) of the GDPR due to PayPal's legitimate interest in determining your creditworthiness. Further privacy-related information can be found in PayPal's privacy policy: PayPal Privacy Policy

                PayPal Checkout When paying via PayPal Checkout, the payment processing is carried out through PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg ("PayPal"). The available payment options are displayed during the checkout process. These may include invoice purchase, credit card payment, payment using an alternative payment method (e.g., giropay, Sofort), PayPal installment payment, payment after 30 days, stored credit card or bank account details, direct debit, and credit card payment by PayPal. For invoice purchases and credit card payments, as well as for payments using alternative payment methods (e.g., giropay, Sofort), a PayPal account is not required. If you choose a payment method from PayPal, you will be redirected to PayPal's website. For the use of this service, PayPal collects, processes, and stores transaction data, such as the amount paid, technical usage data, and location data. PayPal reserves the right to perform a credit check for the aforementioned payment methods and decides at its discretion whether to offer the customer the selected payment method. For this purpose, your payment data may be passed on to credit agencies based on Article 6(1)(f) of the GDPR due to PayPal's legitimate interest in determining your creditworthiness. Invoice purchase within the framework of PayPal Checkout is offered, if available, through Ratepay GmbH, Franklinstraße 28-29, 10587 Berlin (Ratepay Privacy Policy). Further privacy-related information can be found in PayPal's privacy information: PayPal Privacy Full and PayPal Credit Reference

                Google Pay If you choose the payment method "Google Pay," the payment processing is conducted through Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). For this, you need a device capable of using Google Pay, on which Google Pay is set up. The payment is made using a payment card (credit card) stored in Google Pay or via a payment system such as PayPal. The data collected during the payment process are transmitted to Google. The payment is then verified through a token (virtual number) valid only for this payment transaction. The payment information is encrypted and transmitted to the merchant. For the use of this service, Google collects, processes, and stores transaction data, such as the amount paid, technical usage data, and location data. Google Pay terms of use can be found here: Google Pay Terms of Service Privacy information for Google Payments is available here: Google Payments Privacy Notice Google's privacy policy and usage information can be accessed here: Google Privacy Policy

                Credit Card When paying by credit card, we collect and process the necessary personal data, such as your name, credit card number, expiration date of the credit card, and the security code, to process the payment. These are forwarded to your credit card institution for billing.

                9. Credit Checks

                No credit checks are performed.

                10. Analytics Services

                The tracking measures listed below and employed by us are carried out based on your consent in accordance with Article 6(1)(a) GDPR or based on our legitimate interests according to Article 6(1)(f) GDPR. We use tracking measures to ensure a needs-based design and the continuous optimization of our website. Furthermore, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. If necessary, a data processing agreement according to Article 28(3)(1) GDPR has been concluded with the service provider used. The responsibility for the data protection-compliant operation is ensured by their respective providers.

                You can prevent the storage of cookies by configuring your browser software accordingly. However, we would like to point out that you may not be able to fully use all functions of this website if you do so. Unless other information on the duration of storage is provided, the data will be stored for two years and then deleted.

                Google Analytics We use Google Analytics on our website. The responsible entity is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses so-called "cookies" (see section 7 "Cookies"). The information generated by the cookies about your use of this website is usually transferred to a Google server, possibly in the USA, and stored there. We have activated IP anonymization on this website, so that the IP address is truncated by Google within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activities, and to provide other services related to website and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. The storage duration of the personal data collected is 14 months. The data will be deleted after the storage period has expired. Furthermore, you can prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plugin available under the following link: Google Analytics Opt-out Browser Add-on. If you disagree with the display of advertisements, you can disable them here: Google Ad Settings. For more information on Google's privacy policy and terms of use, please visit: Google Privacy Policy.

                Google Ads Conversion Tracking Our website uses the advertising system "Google Ads" by Google LLC. The entity responsible for the European region is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). We use conversion tracking within Google Ads. This involves Google Ads placing a so-called "cookie" on your computer if you have accessed our website via a Google advertisement. The information generated by the cookies about your use of this website is transmitted directly to Google servers, potentially in the USA, and stored there. These cookies expire after 30 days and are not used for personal identification. If you visit certain pages of ours and the cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to that page. Each Ads client receives a different cookie. Thus, cookies cannot be tracked across the websites of Ads clients. The information obtained with the conversion cookie is used to create conversion statistics for Ads clients who have opted for conversion tracking. Ads clients learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they receive no information that can personally identify users. Furthermore, you can prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading and installing the browser plugin available at the following link: Google Analytics Opt-out Browser Add-on. If you disagree with the display of advertisements, you can disable them here: Google Ad Settings. For more information on Google's privacy policy and terms of use, please visit: Google Privacy Policy.

                11. Social Media Services

                Based on our legitimate interests as outlined in Article 6(1)(f) GDPR, we use social media plugins on our website to make it better known. The responsibility for data protection-compliant operation rests with the respective providers. When you access a page of our website that contains a social media plugin, your browser establishes a direct connection to the servers of the respective provider, possibly in the USA. The content of the plugin (including your IP address) is transmitted directly from the provider to your browser and integrated into the page. Through this integration, the provider receives the information that your browser has accessed the corresponding page of our website, even if you do not have a customer profile or are not logged in to the provider. If you are logged in to a provider, this provider can directly assign the visit to our website to your user account. If you interact with the plugins, for example by pressing a button, this information is also transmitted directly to a server of the provider and stored there. The information is also published on your user account and displayed to your contacts. The respective provider may use this information for the purpose of advertising, market research, and the needs-based design of its pages. If you do not want the provider to directly assign the data collected via our website to your user account, you must log out of the provider before visiting our website. Please note that as the operator of the pages, we do not receive any knowledge of the content of the transmitted data or its use by the respective provider.<

                Social Networks:

                Facebook
                We use social media plugins from the social network Facebook, which is operated by Meta Platforms Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or - if you are located in the EU - by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
                For more information on Facebook's privacy policy, please visit:
                Facebook Privacy Policy

                Instagram
                We use social media plugins from the social network Instagram, a service provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA.
                For more information on Instagram's privacy policy, please visit:
                Instagram Privacy Policy

                Pinterest
                We use social media plugins from the social network Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA.
                For more information on Pinterest's privacy policy, please visit:<
                Pinterest Privacy Policy

                Twitter
                We use social media plugins from the social network Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The entity responsible for the European region is Twitter International Company, One Cumberland Place, Fenian Street Dublin 2, D02 AX07 Ireland.
                For more information on Twitter's privacy policy, please visit:
                Twitter Privacy Policy

                Tumblr
                We use social media plugins from the social network Tumblr Inc., 60 29th Street #343, San Francisco, CA 94110, USA.
                For more information on Tumblr's privacy policy, please visit:
                Tumblr Privacy Policy

                Other Online Services

                On our websites, we utilize online services and advertising tools from the companies listed below based on your consent in accordance with Article 6(1)(a) GDPR or as part of our legitimate interests in optimally marketing our offerings as per Article 6(1)(f) GDPR. If necessary, a data processing agreement according to Article 28(3)(1) GDPR has been concluded with the service provider utilized. The responsibility for data protection-compliant operation is ensured by the respective providers.

                You can prevent the storage of cookies by setting your browser software accordingly; however, we note that in this case, you may not be able to fully use all the functions of this website.

                YouTube

                Review Tool>

                You have the opportunity to leave a review about our service and the products you have purchased from us. After concluding the contract, you can rate and possibly comment on the transaction. To facilitate this, we work with a third-party provider. This may involve the transmission of personal data, such as your name, email address, invoice number, and the review itself. It may also involve the sharing of your IP address. The use of a review system serves the purpose of optimizing our service and gaining customer trust. To inform you about this opportunity, you may be contacted by us or by the provider, with your prior consent, as part of the purchasing process to ensure a legitimate review. The duration of storage of data lies within the responsibility of the respective provider.

                Provider: Certified Webshop We use the review tool of Tisko Consulting GmbH, Hertzstr. 15, 53881 Euskirchen, Germany. For more information on data protection at Tisko Consulting GmbH, please visit: Certified Webshop Data Protection

                Certified Webshop Seal Our website includes the "Certified Webshop" seal. The seal and the services it advertises are offered by Tisko Consulting GmbH, Hertzstr.15, 53881 Euskirchen. When the seal is accessed, the web server automatically stores a so-called server log file, which contains data such as your IP address, the date and time of access, the amount of data transferred, and the requesting provider (access data) and documents the retrieval. This access data is not evaluated and is automatically deleted no later than 30 days after the end of your site visit. For further information on data protection at Tisko Consulting GmbH, please visit: Certified Webshop Data Protection

                13. Rights of Data Subjects

                >You have the right:

                • In accordance with Article 15 GDPR, to request information about your personal data processed by us. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the

                planned storage period, the existence of a right to rectification, deletion, limitation of processing or opposition, the existence of a right to lodge a complaint, the source of your data if they were not collected from us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about their details;

                • In accordance with Article 16 GDPR, to demand the immediate correction of incorrect or complete personal data stored by us;
                • In accordance with Article 17 GDPR, to demand the deletion of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
                • In accordance with Article 18 GDPR, to demand the restriction of the processing of your personal data as long as the accuracy of the data is contested by you, the processing is unlawful, but you refuse their deletion and we no longer need the data, but you require them for the assertion, exercise or defense of legal claims or you have objected to processing pursuant to Article 21 GDPR;
                • In accordance with Article 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request the transmission to another controller;
                • In accordance with Article 7(3) GDPR, to withdraw your consent at any time. This means that we may no longer continue the data processing based on this consent for the future, and
                • In accordance with Article 77 GDPR, to lodge a complaint with a supervisory authority if you believe that the processing of your personal data is unlawful. Typically, you can contact the supervisory authority of your usual place of residence or workplace or our headquarters for this purpose.

                14. Right to Object

                IF YOUR PERSONAL DATA IS PROCESSED BASED ON OUR LEGITIMATE INTERESTS ACCORDING TO ART. 6(1)(1)(f) GDPR, YOU HAVE THE RIGHT, ACCORDING TO ART. 21(1) GDPR, TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA, PROVIDED THERE ARE REASONS FOR THIS ARISING FROM YOUR PARTICULAR SITUATION. AS A RESULT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR FOR THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS. YOU CAN ALSO OBJECT, ACCORDING TO ART. 21(2) GDPR, TO THE PROCESSING OF YOUR PERSONAL DATA BY US, WHICH ARE PROCESSED FOR THE PURPOSES OF DIRECT ADVERTISING IN ACCORDANCE WITH ART. 6(1)(1)(f) GDPR, WITH THE RESULT THAT WE WILL NO LONGER PROCESS YOUR PERSONAL DATA FOR THE PURPOSES OF DIRECT ADVERTISING. IF YOU WISH TO EXERCISE YOUR RIGHT OF WITHDRAWAL OR OBJECTION, SIMPLY SEND AN EMAIL TO THE EMAIL ADDRESS SPECIFIED IN THE IMPRINT.

                15. Data Security

                During your visit to the website, we use the common SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we revert to 128-bit v3 technology instead. You can tell that an individual page of our website is encrypted by the closed display of the key or lock icon in the lower status bar of your browser. In addition, we use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

                16. Current Status and Amendment of this Privacy Policy

                This Privacy Policy is currently valid. Due to the further development of our website and offers above or due to changed legal or regulatory requirements, it may be necessary to change this Privacy Policy. The current Privacy Policy can be accessed and printed at any time on this website. This Privacy Policy was created by the contract lawyers of TISKO Consulting GmbH (www.Gepruefter-Webshop.de) and is protected by copyright. Any further use beyond contractual agreement or copying and unauthorized use of the texts is not permitted and constitutes a copyright infringement that will be legally prosecuted.