SchneidersLaden GmbH (hereinafter SchneidersLaden) takes the protection of your data very seriously and maintains the SchneidersLaden platform in accordance with the applicable legal provisions on data protection with the inclusion of the provisions of the EU General Data Protection Regulation (hereinafter: GDPR ). Below we inform you about the type and scope of processing of your personal data by SchneidersLaden GmbH.
This data protection declaration is intended to inform you about data processing by SchneidersLaden GmbH (as "person in charge").
SchneidersLaden GmbH is responsible for the following websites: www.schneidersladen.de and www.schneidersladen.com.
Contact: SchneidersLaden GmbH * Skalitzer Str. 135a * 10999 Berlin, Germany
For all concerns related to the GDPR, please contact: firstname.lastname@example.org email@example.com.
2. Data processing when accessing our website
When you visit our website, information such as
- the IP address,
- the date and time of access,
- the name and URL of the retrieved file,
- the website from which the access was made (referrer URL),
- the browser you are using and, if applicable, the operating system of your Internet-capable computer as well as the name of your access provider to our server and temporarily stored by us.
The legal basis for such processing is provided for in Article 6(1)(f) of the GDPR.
The legitimate interest is for the following purposes:
- Optimization of the connection setup,
- Ensuring and optimizing the user-friendliness and handling of our website,
- Ensuring system security and stability
- and for security/punishment in the event of a cyber attack.
3. Data processing during registration
It is possible to register as a customer. A password-protected customer account will be created. The data involved is shown in the input mask that is filled in during registration. This data is used exclusively for internal permanent storage of your personal data in a password-protected customer account.
The IP address, date and time of registration are stored. The legal basis for this data processing is Art. 6 paragraph 1 letter b) GDPR.
4. Data processing during the process of ordering
Data processing within the context of purchase orders serves to process all processes within the order. The legal basis for this is Article 6 paragraph 1 letter b) GDPR. The data involved can be seen from the input mask that you fill in when placing your order. The following data processing is required to process the purchase contract:
Your e-mail address will be used for electronic communication about your order and its processing. The legal basis for such processing is provided for in Article 6(1)(c) of the GDPR. In order to fulfil the contractual obligations, the order data is transmitted to the upstream supplier and, if applicable, to his transport company, who will deliver the goods or provide the booked services, and made available for use of the data for this purpose. The legal basis for such processing is provided for in Article 6(1)(b) of the GDPR. For the fulfilment of the contract it may be necessary for the data to be forwarded to our payment service provider or to the commissioned credit institution. This depends on the selected payment method.
The following payment methods can be used:
- credit card
For the delivery of the goods, however, a passing on of your address data to our parcel service providers (DHL, FedEx, UPS) is necessary.
They are obliged to treat your data confidentially and to use it exclusively for the purpose of delivery. FedEx and UPS process the address data on servers located in the USA.
Your payment data will be passed on to the commissioned credit institution for payment processing.
Credit card data is not processed by us but by 1&1 iPayment and PayOne. Any further passing on of personal customer data to third parties does not take place.
However, we are authorised to provide the responsible authorities with information about your data in individual cases,
insofar as they request your data for the purpose of fulfilling their legal powers (e.g. criminal law enforcement).
5. Further data processing
Furthermore, data is collected and stored which you yourself explicitly communicate to us. For example, for individual customer contact by e-mail, telephone or in the online shop, if you use the option to enter data (e.g. during login registration). The data that is intended for collection will be communicated to you before the respective process, if this does not result from the type of the pending process (e.g. name and password for login registration or in the "User data" mask: telephone and e-mail).
Furthermore, use data is collected which you submit when using the platform (article searches that have been carried out) and/or which the respective Internet provider provides when using the platform (including the IP address of your computer) and/or generates via e-tracking.
Usage data can contain personal or company-related data or allow conclusions to be drawn about them.
Without your registration or without your login, anonymous user data, such as which browser type and operating system you use and which pages you have visited on the website, are transmitted by your browser when you access the platform. The data collected is not used to identify you or your company. The use data is automatically stored in server log files. These are used to make the handling of the platform functions more attractive and to ensure and improve their performance. This represents a legitimate interest for us and is therefore based on the legal basis of Art. 6 paragraph 1 letter f) GDPR.
6. Data processing for advertising purposes
We do not send advertising.
The following section documents the contents of the newsletter and informs you about the options for subscribing and unsubscribing, as well as the implementation of the newsletter dispatch and the evaluation procedures. By subscribing to the newsletter, you agree to the procedures documented here.
Contents of our newsletter: Our newsletters contain information on products and events, as well as offers and thus promotional information - the newsletter is sent exclusively by e-mail.
Double registration confirmation: Using the double opt-in procedure, an e-mail will be sent to you after you have subscribed to the newsletter in which you will be asked whether you confirm your subscription to the newsletter. This procedure ensures that you really are the owner of the e-mail address you entered. In order to comply with legal requirements, your registration will be logged, i.e. the time of registration and confirmation and the IP address will be saved.
Registration data: For the registration to our newsletter the information of your e-mail address is sufficient. You can also enter your name for the purpose of personal salutation.
The success of the newsletter is measured on the basis of the recipient's consent pursuant to Art.6 para.1 lit. a, Art.7 DSGVO in conjunction with § 7 para.2 no. 3 UWG. If consent is not required, both are done on the basis of our legitimate interest in direct marketing pursuant to Art. 6 Para. 1 lt. f. DSGVO in connection with § 7 Abs.3 UWG - as well as the logging of the registration process according to Art.6 Abs. 1 lt. f. DSGVO. It is in our interest to operate a standard newsletter system that enables us to provide proof of consent and that meets the expectations of subscribers and our business interests.
Cancellation or revocation: Every subscriber is free to cancel the subscription at any time, i.e. to revoke his consent. As a subscriber, you will find an appropriate link to cancel your subscription to our newsletter at the end of each newsletter. Due to our legitimate interest, we can store the e-mail addresses deleted in this case for up to three years before they are deleted. This is necessary to prove the previously declared consent and is only done for the purpose of possible defense against claims.
Newsletter - Mailchimp
MailChimp is entitled to use data of the subscribers in pseudonymous form (without assignment to a user, for the development of the offered services - including technical and statistical aspects). MailChimp will not pass on any data to third parties or contact newsletter subscribers independently.
Newsletter - Measurement of success
The success of the newsletter is measured by the use of a so-called "web beacon". This is a very small file which is downloaded from the server of our e-mailing-service when the newsletter is opened. For technical improvement, information on the browser and system used, the IP address and the time of retrieval are recorded.
In order to be able to respond to the reading habits and interests of our subscribers, statistical surveys also include whether and when the newsletter was opened and which links were clicked. Although it is possible to assign this information to individual newsletter recipients due to technical circumstances, this is neither our aim nor that of our dispatch service provider.
It is not possible to contradict the measurement of success independently of newsletter subscription, only the cancellation of the newsletter subscription would be available for this.
Collection of access data and log files
We, and/or our hosting provider, raise on basis of our legitimate interests in the sense of Art. 6 para. 1 lit. f. DSGVO data on each access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Log file information is stored for security reasons (e.g. to clarify abuse or fraud actions) for a maximum period of 7 days and then deleted. Data, the further storage of which is necessary for evidence purposes, are excluded from deletion until the respective incident has been finally clarified.
8. Third-party websites
SchneidersLaden has no influence on the current content of third-party websites that can be accessed via the website and the way in which these websites are operated. SchneidersLaden is not responsible for the privacy practices or the content of such web sites.
9. Recipients outside the EU
With the exception of the processing listed below, we will not pass on your data to recipients based outside the European Union or the European Economic Area. FedEx and UPS process the address data on servers located in the USA.
However, you can configure your browser so that no cookies are stored on your computer. Complete deactivation of cookies may prevent you from using all functions of our website.
The storage time of the cookies depends on their intended use and is not the same for everyone.
SchneidersLaden uses Google Analytics, a web analysis service of Google Inc. "("Google"), CA 94043, 1600 Amphitheatre Parkway, Mountain View, USA, for the purpose of demand-oriented design and optimization of our website. Google Analytics uses so-called "cookies", which are stored on your computer. Cookies are used to analyse the use of the website. The information generated by the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.
The information that cookies generate is:
- Browser type,
- Operating system,
- the website from which the access was made (referrer URL),
- IP address,
- Date and time of the server request.
This website uses Google Analytics with the IP anonymisation function ("anonymizeIp").
Google will reduce your IP address in the Member States of the European Union or in other states party to the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
On behalf of SchneidersLaden, Google will use this information to evaluate your use of the website, to compile reports on website activities and to provide SchneidersLaden with other services associated with website use for market research purposes (which we don't do) and design tailored to your needs. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.
You can prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie is set to prevent future collection of your data when you visit this website: Disable Google Analytics
11. Deleting personal data
Data that we store will be blocked for further use when the relevant authorisation ceases to apply, in particular after the purpose behind their collection has been achieved, and will be deleted after expiry of the storage periods under tax and commercial law, unless you have expressly consented to the further use of your data or something else has been contractually agreed.
12. Data security
Appropriate technical and organisational measures are taken to protect your data against unintentional or unlawful deletion, disclosure, access or against manipulation or loss as well as against other misuse. We have also concluded data processing agreements with our IT service providers in accordance with the GDPR. For your security, your data is encrypted using an SSL (Secure Socket Layer) website certificate. This is an encryption standard that is also used in online banking, for example. You can recognize a secure SSL connection by the attached s on the http (i.e. https://...) in the address bar of your browser or by the lock symbol at the bottom of your browser. Please note that security when using the Internet depends on various circumstances and cannot be guaranteed at all times.
13. Overview of your rights
- Right to information
You may request information on the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data, unless these were collected directly from you.
- Right to correction
You may request the correction of inaccurate data or the completion of correct data.
- Right to deletion
You can request the deletion of your personal data.
- Right to data transmission
You can have the data provided by you transmitted in a common, machine-readable format or request transmission to another person responsible.
- Right of appeal
To do this, you can contact the supervisory authority of your usual place of residence or our responsible supervisory authority.
- Right of limitation
You may exercise the right to restrict data processing if the accuracy of personal data is disputed, processing is unlawful and the data subject refuses to delete the personal data and instead requests the restriction of the use of the personal data, the data controller no longer needs the personal data for the purpose of processing, but the data subject needs it for the purpose of asserting, exercising or defending legal claims, or the data subject objects to the processing in accordance with Section 4.2. Art. 21 GDPR, as long as it is not yet clear whether the legitimate reasons of the person responsible outweigh those of the person concerned.
- Right of objection
The general right of objection applies to all processing purposes described here which are processed on the legal basis of Art. 6 paragraph 1 letter f) GDPR. Unlike data processing, which is described under "Data processing for advertising purposes", we are only obliged to implement the objection if you give reasons of overriding importance that arise from a particular situation.