DATA PRIVACY POLICY
We take the protection of your personal data serious. The protection of your privacy when processing personal data is an important concern for us, which we take into account in all our business processes. The following information on data protection reflects the increased requirements of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz (BDSG)).
1. Who is the Controller of the data processing?
hin & her UG (haftungsbeschraenkt), Tiroler Strasse 23, 82515 Wolfratshausen, Germany, commercial register (Handelsregisternummer): HRB 251081 of the district court (Amtsgericht) Munich.
2. Whom can I contact regarding data processing?
Managing director Kai Dräger
Address: Margarethe-Selenka-Str. 23 81737 Munich, Germany
E-Mail: info@aged-sake.de
3. What purposes do we process your data for and on what legal basis?
We process personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz (BDSG)).
Personal data are processed to fulfill our contractual obligations in accordance with Art. 6 Para. 1 S. 1 lit. b) GDPR, in particular for the
• Registration of a customer account
• Provision of information
• Processing of orders, in particular sending an order confirmation and other messages
Personal data are processed to protect our legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit. f) GDPR, in particular
• to be able to provide you with relevant information
• for the purpose of preventing, investigating and reporting offenses, e.g. fraud, credit card abuse and identity fraud
• to assert legal claims including debt collection and defense in legal disputes
• for audit purposes
• to ensure IT security
We process your personal data based on your consent in accordance with Art. 6 Para. 1 S.1 lit. a) GDPR
• for sending newsletters with regular offers
• to get into dialogue with us
• market research and customer surveys
• for the personalized use of the website and personalized offers including profiling through Cookies
• to support usage processes of the website with reminder functions
• for analytical purposes in order to optimize our offers for you
• to enable us to process your data privacy right requests.
You can withdraw your consent at any time with effect for the future without the need to state any reason. A withdrawal does not affect the lawfulness of the processing before the withdrawal.
Furthermore, we process data based on legal obligations in accordance with Art. 6 Para. 1 S.1 lit. c) GDPR, in particular if we are legally obliged to do so to comply, e.g. with commercial or tax law notice and retention requirements.
4. What data do we process when you visit our website?
Our website uses cookies. A cookie is a small text file that a web portal leaves on the user's computer system (computer, tablet computer or smartphone) when he visits it. Personal data can be stored in cookies. You can prevent cookies from being tracked in your browser settings (do-not-track, tracking protection list) or prohibit the storage of third-party cookies.
When all cookies are deleted, objection cookies that have already been set (opt-out cookies) are also deleted, so that you have to re-set them again.
We want to give you the opportunity to make an informed decision for or against the use of cookies, which are not absolutely necessary for the technical functions of the website. Please note that if you reject advertising cookies, you will receive advertising that is less tailored and tailored to your interests. However, the use of the website remains in full.
We differentiate between cookies that are essential for the technical functions of the website and optional cookies.
In order for you to be able to specify your desired data protection settings for visiting our website as individually as possible, we give you the opportunity to set your preferences with regard to the categories of operational necessity, statistics, comfort and personalization.
a) „Absolutely necessary cookies“
These cookies are required so that you can use such basic functions as security, identity verification and network management. Therefore, they cannot be deactivated.
b) „Marketing cookies“
Cookies for marketing purposes are used to measure the effectiveness of advertising, to record the interests of visitors and to adapt advertisements to their personal needs.
c) „Functional cookies“
Functional cookies are used to save information that has already been provided and to offer improved and personalized functions based on this.
d) „Analytics cookies“
We use these cookies to understand how our website is used, to detect errors and to improve the functionality of the website.
5. What personal data are you obliged to provide?
For contractual or statutory requirements, we have marked the respective input fields in the input masks on our website, which you must fill out so that we can provide the contract you require. The provision of other data is voluntary.
6. How long will your data be stored?
Your personal data will be deleted as soon as they are no longer required for the declared purposes. If necessary, however, we must continue to store your data until the retention obligations and periods imposed by law, which may result from the German Commercial Code (Handelsgesetzbuch), the tax legislation (Steuergesetzgebung) and the German Money Laundering Act (Geldwäschegesetz) and which generally last from 6 to 10 years. In addition, we may keep your data until the end of statutory limitation periods (i.e. usually 3 years; in individual cases also up to 30 years), insofar as this is necessary for the establishment, exercise or defense of legal claims. The relevant data is then routinely deleted.
7. Who do we share your data with?
In the context of the above data processing and the respective legal basis mentioned (contract execution, in the legitimate interest, with consent or due to legal processing obligations), your data may be passed on to the following categories of recipients:
-
vicarious agents, e.g. service providers for logistics, payment service providers, IT service providers for the provision of the website, sending newsletters, handling feedback, compiling statistics
-
• other service providers, e.g. attorneys, tax advisors
-
• police and judicial authorities
7. 1 Wix.com
For the provision of our website under the domain aged-sake.de and associated subdomains, we use the IT service provider Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel ("Wix.com"), who acts as a processor for us. Hin & her UG (limited liability) remain the controller for your personal data.
Wix.com collects, stores and processes personal data of the users of our website and our business partners on our behalf. The data processing agreement between Wix.com and the Hin & her UG (limited liability), can accessed here: https://de.wix.com/about/privacy-dpa-users.
As part of order processing, personal data will are also recorded, stored and processed outside the European Union. The data processing agreement contains corresponding safeguards for the transfer of personal data to processors based in third countries, that provide also rights vis-à-vis the data importer Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel and other importers.
Wix.com works with a number of selected service providers whose services and solutions complement, facilitate and improve our services. This includes hosting and server co-location services, communication and content delivery networks (CDN), data and cyber security services, billing, payment transactions, registration of domain names, fraud detection and prevention, web analysis, e -Mail distribution and monitoring, session recording and remote access, performance measurement, data optimization and marketing services as well as content providers (collectively “third party services”). Such third party services may, depending on their role and purpose in providing and improving the services, have full or partial access to personal data that they may only use for such purposes.
To the extent permitted by local data protection laws, Wix.com may disclose personal information if required in accordance with applicable law to disclose personal data or otherwise grant access to third parties if we are faithful, for example due to a subpoena, court proceedings, search warrant or court order, or otherwise required by applicable law and believe that we are legally obliged to do so, if necessary, without notifying you.
Wix.com may make personal data available to others if Wix.com believes in good faith belief that this is to protect the rights, property, or personal security of Wix.com, us, or our users or business partners, or a member of the general public happens, if necessary, also without notifying.
Wix.com may share personal information internally within Wix.com affiliates for the purposes set out in this privacy policy. For example, Wix.com passes personal data on to Wix.com Inc., a subsidiary based in the United States, as part of the provision of the services. Should the management of Wix.com or one of its affiliates change, for example through a merger, acquisition or sale of essentially all of its assets, personal data may be passed on to the parties involved in such a case. Should Wix.com assume in good faith that such a change in the company's management has a significant impact on stored personal data, we will inform Wix.com as well as about the alternatives that are available with regard to personal data and the Hin & her UG (limited liability) will inform its business partners accordingly and take further steps to have personal data processed safely.
Wix.com can store personal data for as long as your user account with Wix.com is active, as specified in the Wix.com data protection policy (https://de.wix.com/about/privacy) or as is otherwise required to provide us with services. Wix.com can also store personal data beyond the deactivation of our user account and / or a certain service, insofar as this is necessary to comply with legal obligations, to settle disputes, to prevent fraud and abuse, to enforce contracts and / or to protect legitimate interests. Wix.com has a data retention policy that applies to the data stored at Wix.com. If the storage of personal data is no longer necessary, Wix.com assure its reliable deletion based on the data protection guideline.
Further information can be found in the Wix.com data protection guideline, which, if applicable, is part of our data protection declaration https://de.wix.com/about/privacy.
8. What data protection rights do you have?
It is important to us to make data processing fair and transparent. You can exercise the following rights in addition to the right to object:
• Right to information, Art. 15 GDPR
• Right to rectification, Art. 16 GDPR
• Right to erasure, Art. 17 GDPR
• Right to restriction of processing, Art. 18 GDPR
• Right to data portability, Art. 20 GDPR
• Right to object, Art. 21 GDPR
We ask you to provide the following information for identification:
• Surname
• Postal address
• E-mail address and optionally: customer number or order process number
If you send us a copy of your ID, we ask you to black out all the information except for your surname, first name and address.
In addition, in accordance with Art. 77 GDPR in conjunction with § 19 BDSG the right to lodge a complaint with a supervisory authority.
9. How can you withdraw your consent?
If you have given us your consent to process your personal data, you can withdraw your consent at any time with effect for the future without the need to state any reason. A withdrawal does not affect the lawfulness of the processing before the withdrawal.
You can withdraw your consent through our contact form or per e-mail to info@aged-sake.de.
Please note that a withdrawal of consent only has an effect for the future and no influence on the lawfulness of processing in the past. In some cases, despite your withdrawal, we are entitled to process your personal data on basis of one the other legal bases.
10. Information about your right to object according to Art. 21 GDPR
We process personal data concerning for direct marketing purposes. You have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is connected to such direct advertising. If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.