Privacy and Data Protection
1. Data Protection at a Glance
General Information
The following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data is any data with which you can be personally identified. For detailed information on the subject of data protection, please refer to our privacy policy listed below this text.
Data Collection on our Website:
Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. You can find their contact details in the imprint of this website.
How do we collect your data?
On the one hand, your data is collected when you provide it to us. This can be, for example, data that you enter in a contact form or when you open a customer account or place an order.
What do we use your data for?
The data is collected to ensure the error-free provision of the website.
What rights do you have regarding your data? You have the right to receive information free of charge at any time about the origin, recipient, and purpose of your stored personal data. You also have the right to request the correction, blocking, or deletion of this data. For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time at the address given in the imprint. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
Analysis Tools and Third-Party Tools
When visiting our website, your surfing behavior can be statistically evaluated. This is done primarily with cookies and with so-called analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Detailed information on this can be found in the following privacy policy. You can object to this analysis. We will inform you about the possibilities of objection in this privacy policy.
2. General Information and Mandatory Information
Data Protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy. When you use this website, various personal data are collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens.
We would like to point out that data transmission over the Internet (e.g., when communicating by e-mail) can have security gaps. Complete protection of data from access by third parties is not possible.
Note on the responsible body:
The responsible body for data processing on this website is:
Anlauf & Anlauf GBR
Zum Täckenfeld 14
21385 Amelinghausen
Email: info@organzabeutel24.de
Tel.: +49 (0) 4132-9398298
The responsible body is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g., names, e-mail addresses, or similar).
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. An informal message by e-mail to us is sufficient for this. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to lodge a complaint with the competent supervisory authority
In the event of breaches of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection commissioner of the federal state in which our company is based. A list of data protection officers and their contact details can be found here: www.bfdi.bund.de
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done to the extent that it is technically feasible.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Encrypted payment transactions on this website
If there is an obligation to transmit your payment data (e.g., account number for direct debit authorization) to us after the conclusion of a fee-based contract, this data is required for payment processing.
Payment transactions via the common means of payment (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
With encrypted communication, your payment data that you transmit to us cannot be read by third parties.
Information, blocking, deletion
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipients, and the purpose of the data processing and, if applicable, a right to correction, blocking, or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.
Objection to advertising emails
The use of contact data published within the scope of the imprint obligation for sending unsolicited advertising and information materials is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example through spam e-mails.
3. Data collection on our website
Cookies
The internet pages partially use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. When deactivating cookies, the functionality of this website may be limited. Cookies that are required to carry out the electronic communication process or to provide certain functions you desire (e.g., shopping cart function) are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g., cookies for analyzing your surfing behavior) are stored, they are treated separately in this privacy policy.
Registration on this website
You can register on our website to use additional functions on the site. We only use the data entered for this purpose for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject the registration. For important changes, such as the scope of the offer or technically necessary changes, we use the e-mail address provided during registration to inform you in this way. The processing of the data entered during registration is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time. An informal message by e-mail to us is sufficient for this. The legality of the data processing that has already taken place remains unaffected by the revocation. The data collected during registration will be stored by us as long as you are registered on our website and will then be deleted. Legal retention periods remain unaffected.
Provider
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources. The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.
4. Advertising
Google AdWords
This website uses Google AdWords. AdWords is an online advertising program of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). If you click on an ad placed by Google, a cookie for conversion tracking is set. Cookies are small text files that the internet browser stores on the user's computer. These cookies lose their validity after 30 days and are not used for the personal identification of users.
More information about Google AdWords and Google Conversion Tracking can be found in Google's privacy policy: https://www.google.de/policies/privacy/
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. When deactivating cookies, the functionality of this website may be limited.
Browser Plugin
You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com
5. Website Analysis
Google Tag Manager
We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create user profiles, does not store cookies, and does not perform any independent analyses. It only serves to manage and play out the tools integrated via it. However, the Google Tag Manager records your IP address, which can also be transmitted to Google's parent company in the United States.
The use of the Google Tag Manager is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in a quick and uncomplicated integration and management of various tools on his website. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g., device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. You can obtain further information from the provider: www.dataprivacyframework.gov
Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as page views, duration of stay, operating systems used, and the origin of the user. This data is assigned to the respective end device of the user. An assignment to a user ID does not take place.
Furthermore, with Google Analytics, we can record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modeling approaches to supplement the collected data records and uses machine learning technologies in data analysis.
Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). The information collected by Google about the use of this website is usually transmitted to a Google server in the USA and stored there.
The use of this service is based on your consent in accordance with Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG. Consent can be revoked at any time.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. You can find more information here: www.dataprivacyframework.gov
6. Payment Providers
Processing of customer and contract data
We collect, process, and use personal customer and contract data for the establishment, content design, and amendment of our contractual relationships. We only collect, process, and use personal data about the use of this website (usage data) to the extent necessary to enable the user to use the service or to bill for it. The legal basis for this is Art. 6 para. 1 lit. b GDPR.
The collected customer data will be deleted after completion of the order or termination of the business relationship and expiry of any existing statutory retention periods. Legal retention periods remain unaffected.
Data transmission upon conclusion of contract for online shops, dealers, and dispatch of goods
If you order goods from us, we pass on your personal data to the transport company entrusted with the delivery and to the payment service provider commissioned with the payment processing. Only such data is released as is required by the respective service provider to fulfill its task. The legal basis for this is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. If you have given your corresponding consent in accordance with Art. 6 para. 1 lit. a GDPR, we will pass on your e-mail address to the transport company entrusted with the delivery so that they can inform you by e-mail about the shipping status of your order; you can revoke your consent at any time.
Payment services
We integrate payment services from third-party companies on our website. If you make a purchase from us, your payment data (e.g., name, customer number, order number, payment amount) will be processed by the payment service provider for the purpose of payment processing. The respective contractual and data protection provisions of the respective providers apply to these transactions. The use of payment service providers is based on Art. 6 para. 1 lit. b GDPR (contract processing) and in the interest of a payment process that is as smooth, comfortable, and secure as possible (Art. 6 para. 1 lit. f GDPR). Insofar as your consent is requested for certain actions, Art. 6 para. 1 lit. a GDPR is the legal basis for data processing; consents can be revoked at any time for the future.
We use the following payment services / payment service providers within the scope of this website: Stripe
We offer the option of processing the payment process via the payment service provider Stripe, c/o Legal Process, 510, Townsend St., San Francisco, CA 94103 (Stripe). This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 Para. 1 lit. f GDPR).
If you choose a payment method from the payment service provider Stripe, the payment will be processed via the payment service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we will pass on the information you provided during the ordering process, along with the information about your order (name, address, customer number, order number, invoice amount, and currency) in accordance with Art. 6 Para. 1 lit. b GDPR. All other data required for payment processing, e.g., credit card information, is not stored by us in our webshop but directly with the payment service provider Stripe Payments Europe Ltd. Your data will only be passed on for the purpose of payment processing with the payment service provider Stripe Payments Europe Ltd. and only to the extent that it is necessary for this purpose.
Further information on Stripe's data protection can be found here: https://stripe.com/privacy-center/legal
The processing of the data specified in this section is not required by law or contract. Without the transmission of your personal data, we cannot carry out a payment via Stripe. You have the option of choosing another payment method.
Stripe plays a dual role as controller and processor in data processing activities. As a controller, Stripe uses your transmitted data to fulfill regulatory obligations. This corresponds to Stripe's legitimate interest (pursuant to Art. 6 para. 1 lit. f GDPR) and serves to implement the contract (pursuant to Art. 6 para. 1 lit. b GDPR). We have no influence on this process.
As a processor, Stripe acts to complete transactions within the payment networks. Within the framework of the order processing relationship, Stripe acts exclusively on our instructions and has been contractually obligated within the meaning of Art. 28 GDPR to comply with the data protection regulations.
Stripe has implemented compliance measures for international data transfers. These apply to all worldwide activities in which Stripe processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). You can find more information on possibilities of objection and removal against Stripe at: https://stripe.com/privacy-center/legal
Your data will be stored by us until the payment processing is completed. This also includes the period required for the processing of refunds, claims management, and fraud prevention.
Possibility of objection and removal
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
7. Online presences in social media
We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties, and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.
Unless otherwise stated in our privacy policy, we process the data of users if they communicate with us within the social networks and platforms, e.g., write posts on our online presences or send us messages.