Privacy policy

Privacy policy (Shop)

1) Information about the collection of personal data and contact details of the person responsible.

1) Information on the collection of personal data and contact details of the responsible person

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. In this context, personal data is all data with which you can be personally identified.

1.2 The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (DSGVO) is Robert Bree, c/o Bürogemeinschaft 5. Stock, Birkenleiten 43, 81543 Munich, Germany, Tel.: 08920318399, e-mail: info@rb-kommunikation.de. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to the controller). You can recognise an encrypted connection by the string “https://” and the lock symbol in your browser line.

2) Data collection when visiting our website

When you use our website for information purposes only, i.e. if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

Our visited website
Date and time at the time of access
Amount of data sent in bytes
Source/reference from which you reached the page
Browser used
Operating system used
IP address used (if applicable: in anonymised form)

The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

3) Contacting

When you contact us (e.g. by contact form or e-mail), personal data is processed solely for the purpose of processing and responding to your request and only to the extent necessary for this purpose. The legal basis for processing this data is our legitimate interest in responding to your request in accordance with Art. 6 (1) lit. f DSGVO. If your contact is aimed at a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO. Your data will be deleted when the circumstances indicate that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

4) Data processing when opening a customer account and for contract processing

Pursuant to Art. 6 para. 1 lit. b DSGVO, personal data will continue to be collected and processed to the extent necessary in each case if you provide it to us when opening a customer account. The data required for opening an account can be found in the input mask of the corresponding form on our website. Deletion of your customer account is possible at any time and can be done by sending a message to the above address of the person responsible. After deletion of your customer account, your data will be deleted, provided that all contracts concluded via it have been fully processed, no legal retention periods are opposed and no legitimate interest on our part in the continued storage exists.

5) Use of customer data for direct marketing purposes

– Newsletter dispatch via MailChimp
Our e-mail newsletters are sent via the technical service provider The Rocket Science Group, LLC d/b/a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (http://www.mailchimp.com/), to whom we pass on the data you provided when registering for the newsletter. This transfer takes place in accordance with Art. 6 (1) lit. f DSGVO and serves our legitimate interest in using a newsletter system that is effective in advertising, secure and user-friendly. Please note that your data is usually transferred to a MailChimp server in the USA and stored there.
MailChimp uses this information to send and statistically evaluate the newsletters on our behalf. For the evaluation, the emails sent contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. With the help of the web beacons, Mailchimp automatically creates general, non-personal statistics about the response behaviour to newsletter campaigns. However, based on our legitimate interest in the statistical evaluation of the newsletter campaigns for the optimisation of the advertising communication and the better alignment with recipient interests, the web beacons also collect and utilise data of the respective newsletter recipient (mail address, time of retrieval, IP address, browser type and operating system) in accordance with Art. 6 para. 1 lit f DSGVO. This data allows an individual conclusion to be drawn about the newsletter recipient and is processed by Mailchimp for the automated creation of statistics that show whether a specific recipient has opened a newsletter message.
If you wish to deactivate the data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.
MailChimp may also use this data itself in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of its own legitimate interest in the needs-based design and optimisation of the service as well as for market research purposes, for example to determine which countries the recipients come from. However, MailChimp does not use the data of our newsletter recipients to write to them itself or to pass them on to third parties.
To protect your data in the USA, we have concluded a data processing agreement (“Data Processing Agreement”) with MailChimp based on the standard contractual clauses of the European Commission to enable the transfer of your personal data to MailChimp. If you are interested, this data processing agreement can be viewed at the following internet address: https://mailchimp.com/legal/data-processing-addendum/.
You can view MailChimp’s privacy policy here:
https://mailchimp.com/legal/privacy/

6) Data processing for order processing

6.1 Insofar as necessary for the processing of the contract for delivery and payment purposes, the personal data collected by us will be passed on to the commissioned transport company and the commissioned credit institution in accordance with Art. 6 Para. 1 lit. b DSGVO.

If we owe you updates for goods with digital elements or for digital products on the basis of a corresponding contract, we will process the contact data (name, address, e-mail address) provided by you when placing the order in order to inform you personally by suitable means of communication (e.g. by post or e-mail) about upcoming updates within the legally stipulated period of time within the framework of our statutory duty to inform pursuant to Art. 6 (1) lit. c DSGVO. Your contact details will be used strictly for the purpose of informing you about updates owed by us and will only be processed by us for this purpose to the extent necessary for the respective information.

In order to process your order, we also work together with the following service provider(s), who support us in whole or in part in the execution of concluded contracts. Certain personal data is transferred to these service providers in accordance with the following information.

6.2 Use of payment service providers (payment services)

– Mollie
If you choose a payment method from the payment service provider Mollie, the payment will be processed via the payment service provider Mollie B.V., Keizersgracht 313, 1016 EE Amsterdam, Netherlands, to whom we will pass on the information you provided during the ordering process, together with information about your order (name, address, IBAN, BIC, invoice amount, currency and transaction number) in accordance with Art. 6 (1) lit. b DSGVO. Your data will only be passed on for the purpose of processing payment with the payment service provider Mollie and only insofar as it is necessary for this purpose.
– Paypal
When paying via PayPal, credit card via PayPal, direct debit via PayPal or – if offered – “purchase on account” or “payment by instalments” via PayPal, we pass on your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”) as part of the payment processing. The transfer takes place in accordance with Art. 6 Para. 1 lit. b DSGVO and only insofar as this is necessary for the payment processing.
For the payment methods credit card via PayPal, direct debit via PayPal or – if offered – “purchase on account” or “payment by instalments” via PayPal, PayPal reserves the right to carry out a credit check. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 Para. 1 lit. f DSGVO on the basis of PayPal’s legitimate interest in determining your solvency. PayPal uses the result of the credit check in relation to the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The creditworthiness information may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. For further information on data protection law, including information on the credit agencies used, please refer to PayPal’s data protection declaration: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual processing of payments.
– Stripe
If you choose a payment method from the payment service provider Stripe, the payment will be processed by the payment service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we pass on the information you provided during the ordering process, together with information about your order (name, address, account number, bank sort code, credit card number if applicable, invoice amount, currency and transaction number) in accordance with Art. 6 (1) lit. b DSGVO. You can find more information on Stripe’s data protection at the URL https://stripe.com/de/privacy#translation.
Stripe reserves the right to carry out a credit check on the basis of mathematical-statistical procedures in order to safeguard the legitimate interest in determining the user’s ability to pay. The personal data necessary for a credit check and obtained in the course of payment processing may be transmitted by Stripe to selected credit agencies, which Stripe discloses to users upon request. The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they are based on a scientifically recognised mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data. Stripe uses the result of the credit check in relation to the statistical probability of non-payment for the purpose of deciding on the authorisation to use the selected payment method.
You can object to this processing of your data at any time by sending a message to Stripe or the appointed credit agencies.
However, Stripe may still be entitled to process your personal data if this is necessary to process payments in accordance with the contract.

7) Page functions

– Zoom
We use the “Zoom” service of Zoom Video Communications Inc, 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA (hereinafter “Zoom”) to conduct online meetings, video conferences and/or webinars.
In the case of the use of Zoom, different data are processed. The scope of the data processed depends on the data you provide before or during participation in an online meeting, video conference or webinar. In the course of using Zoom, data of the communication participants is processed and stored on Zoom servers. This data may include, in particular, your login data (name, email address, telephone (optional) and password) and meeting data (topic, participant IP address, device information, description (optional)). In addition, visual and auditory contributions of the participants as well as voice inputs in chats may be processed.
When processing personal data that is necessary for the performance of a contract with you (this also applies to processing operations that are necessary for the implementation of pre-contractual measures), Art. 6 (1) lit. b DSGVO serves as the legal basis. If you have given us your consent for the processing of your data, the processing is based on Art. 6 (1) a DSGVO. Consent given can be revoked at any time with effect for the future.
Furthermore, the legal basis for data processing when conducting online meetings, videoconferences or webinars is our legitimate interest pursuant to Art. 6 para. 1 lit. f DSGVO in the effective conduct of the online meeting, webinar or videoconference. For more information on Zoom’s use of data, please see Zoom’s privacy policy at https://zoom.us/docs/de-de/privacy-and-legal.html.

8) Rights of the data subject

8.1 The applicable data protection law grants you the following data subject rights (rights of information and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the stated legal basis for the respective prerequisites for exercising these rights:

Right to information pursuant to Art. 15 DSGVO;
Right to rectification pursuant to Art. 16 DSGVO;
Right to erasure pursuant to Art. 17 DSGVO;
Right to restriction of processing pursuant to Art. 18 GDPR;
Right to information pursuant to Art. 19 GDPR;
Right to data portability pursuant to Art. 20 GDPR;
Right to withdraw consent granted pursuant to Art. 7(3) GDPR;
Right to lodge a complaint pursuant to Art. 77 DSGVO.

8.2 RIGHT OF OBJECTION

IF WE PROCESS YOUR PERSONAL DATA WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE AT ANY TIME ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.

IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSES OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSES OF SUCH MARKETING. YOU MAY EXERCISE THE RIGHT TO OBJECT AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

9) Duration of storage of personal data

The duration of the storage of personal data is determined on the basis of the respective legal basis, the purpose of processing and – if relevant – additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).

When processing personal data on the basis of explicit consent pursuant to Art. 6 (1) a DSGVO, this data is stored until the data subject revokes his/her consent.

If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 (1) (b) DSGVO, this data will be routinely deleted after expiry of the retention periods, provided that it is no longer required for the fulfilment of the contract or the initiation of the contract and/or there is no justified interest on our part in continuing to store it.

When processing personal data on the basis of Art. 6(1)(f) DSGVO, such data shall be stored until the data subject exercises his/her right to object pursuant to Art. 21(1) DSGVO, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

When processing personal data for the purpose of direct marketing on the basis of Art. 6(1)(f) DSGVO, such data shall be stored until the data subject exercises his or her right to object pursuant to Art. 21(2) DSGVO.

Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

 

Privacy policy (website)

1) Information on the collection of personal data and contact details of the responsible person

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we will inform you about how we handle your personal data when you use our website. In this context, personal data is all data with which you can be personally identified.

1.2 The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (DSGVO) is Robert Bree, c/o Bürogemeinschaft 5. Stock, Birkenleiten 43, 81543 Munich, Germany, Tel.: 08920318399, e-mail: info@rb-kommunikation.de. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to the controller). You can recognise an encrypted connection by the string “https://” and the lock symbol in your browser line.

2) Data collection when visiting our website

When you use our website for information purposes only, i.e. if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

Our visited website
Date and time at the time of access
Amount of data sent in bytes
Source/reference from which you reached the page
Browser used
Operating system used
IP address used (if applicable: in anonymised form)

The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

3) Contacting us

When contacting us (e.g. via contact form or e-mail), personal data is collected. Which data is collected when using a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for processing this data is our legitimate interest in responding to your request in accordance with Art. 6 Para. 1 lit. f DSGVO. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO. Your data will be deleted after your request has been processed. This is the case when the circumstances indicate that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

4) Use of customer data for direct advertising

– Newsletter dispatch via MailChimp
Our e-mail newsletters are sent via the technical service provider The Rocket Science Group, LLC d/b/a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (http://www.mailchimp.com/), to whom we pass on the data you provided when registering for the newsletter. This transfer takes place in accordance with Art. 6 (1) lit. f DSGVO and serves our legitimate interest in using a newsletter system that is effective in advertising, secure and user-friendly. Please note that your data is usually transferred to a MailChimp server in the USA and stored there.
MailChimp uses this information to send and statistically evaluate the newsletters on our behalf. For the evaluation, the emails sent contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. With the help of the web beacons, Mailchimp automatically creates general, non-personal statistics about the response behaviour to newsletter campaigns. However, based on our legitimate interest in the statistical evaluation of the newsletter campaigns for the optimisation of the advertising communication and the better alignment with recipient interests, the web beacons also collect and utilise data of the respective newsletter recipient (mail address, time of retrieval, IP address, browser type and operating system) in accordance with Art. 6 para. 1 lit f DSGVO. This data allows an individual conclusion to be drawn about the newsletter recipient and is processed by Mailchimp for the automated creation of statistics that show whether a specific recipient has opened a newsletter message.
If you wish to deactivate the data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.
MailChimp may also use this data itself in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of its own legitimate interest in the needs-based design and optimisation of the service as well as for market research purposes, for example to determine which countries the recipients come from. However, MailChimp does not use the data of our newsletter recipients to write to them itself or to pass them on to third parties.
To protect your data in the USA, we have concluded a data processing agreement (“Data Processing Agreement”) with MailChimp based on the standard contractual clauses of the European Commission to enable the transfer of your personal data to MailChimp. If you are interested, this data processing agreement can be viewed at the following internet address: https://mailchimp.com/legal/data-processing-addendum/.
You can view MailChimp’s privacy policy here:
https://mailchimp.com/legal/privacy/

5) Rights of the data subject

5.1 The applicable data protection law grants you the following data subject rights (rights of information and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the stated legal basis for the respective prerequisites for exercising these rights:

Right to information pursuant to Art. 15 DSGVO;
Right to rectification pursuant to Art. 16 DSGVO;
Right to erasure pursuant to Art. 17 DSGVO;
Right to restriction of processing pursuant to Art. 18 GDPR;
Right to information pursuant to Art. 19 GDPR;
Right to data portability pursuant to Art. 20 GDPR;
Right to withdraw consent granted pursuant to Art. 7(3) GDPR;
Right to lodge a complaint pursuant to Art. 77 of the GDPR.

5.2 RIGHT OF OBJECTION

IF WE PROCESS YOUR PERSONAL DATA WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE AT ANY TIME ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.

IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSES OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSES OF SUCH MARKETING. YOU MAY EXERCISE THE RIGHT TO OBJECT AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

6) Duration of the storage of personal data

The duration of the storage of personal data is determined on the basis of the respective legal basis, the purpose of processing and – if relevant – additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).

When processing personal data on the basis of explicit consent pursuant to Art. 6 para. 1 lit. a DSGVO, this data is stored until the data subject revokes his/her consent.

If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 (1) (b) DSGVO, this data will be routinely deleted after expiry of the retention periods, provided that it is no longer required for the fulfilment of the contract or the initiation of the contract and/or there is no justified interest on our part in continuing to store it.

When processing personal data on the basis of Art. 6(1)(f) DSGVO, such data shall be stored until the data subject exercises his/her right to object pursuant to Art. 21(1) DSGVO, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

When processing personal data for the purpose of direct marketing on the basis of Art. 6(1)(f) DSGVO, such data shall be stored until the data subject exercises his or her right to object pursuant to Art. 21(2) DSGVO.

Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

 

Vertreten durch die IT-Recht Kanzlei