When you access our website, we collect, store and process personal data as follows.
I. COMPETENT AUTHORITY AND PRIVACY OFFICER
The competent authority as stipulated by the applicable privacy law on the collection, storage and processing of personal data is:
Kompernaß Handelsgesellschaft mbH,
represented by its Managing Johannes-Heinrich Kompernaß, Monika Kompernaß and
Tel.: +49 02327/3018-0
Fax: +49 02327/3018-100
You can contact our privacy officer, Ms Jennifer Hogrebe, at the same address and phone number or by sending an e-mail to firstname.lastname@example.org.
1. Accessing our website
Whenever our website is accessed, we automatically collect and store the following data in order to facilitate the use of the website. This data is only stored for the purposes of ensuring IT security (e.g. identifying attacks on the website) and generating statistics. We store all data in a form in which cannot be linked to any specific person. No usage profiles are created for individual users. We collect the following data: browser type/version, operating system used, IP address, referrer URL (the previously visited page), date and time of access.
2. The data is stored for a duration of 2 days.
The personal data specified below is only collected with express consent as per Section 6 Paragraph 1 Sentence 1a of the German General Data Protection Regulation (GDPR), which will come into force on 25/05/2018. This consent is given upon the creation of a customer account in our online shop (if registering as an online shop customer) and when submitting data to order goods (if goods are being ordered). When you order goods, your personal data is further processed on the basis of Section 6 Paragraph 1 Sentence 1b GDPR, as the data collected and processed during the order is necessary to perform the contract in respect of delivery of the ordered goods.
When you register as a customer of our online shop and order goods, the registration and login forms collect the following personal data, which is used exclusively for the purpose of delivering and invoicing your order:
- Address data
- Payment method
- Ordered item(s)
You must provide the above data to place an order in our online shop. You cannot place any orders in our online shop without consenting to the collection and processing of the above data. The same applies to the creation of a user account with the exception of the ordered goods and applicable payment method.
The data is stored for a period of ten years.
III. RIGHT OF REVOCATION
You have the right to revoke your consent to the processing of your personal data at any time, but the legitimacy of the data processing that has taken place between your granting and revoking of consent will not be affected. Contact us by sending an e-mail to email@example.com or via another channel to revoke your consent.
IV. PASSING ON OF DATA
Any data we collect is only passed on to the forwarding company contracted to deliver the goods and the financial institutions responsible for the billing of the order, and only to the extent required for the delivery and billing of the order.
V. PRIVACY STATEMENT FOR THE USE OF GOOGLE ANALYTICS
This website uses functions of web analytics service Google Analytics. The provider is Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses so-called “cookies”. These are text files that are placed on your computer to help the website analyse how users use the site. The information generated by the cookie about your use of this website will generally be transmitted to and stored by Google on servers in the United States.
In the event that IP anonymization is activated on this website, your IP address will, however, be shortened by Google within member states of the European Union or other parties to the Agreement on the European Economic Area. In exceptional cases, the full IP address will be transmitted to the USA and shortened there. Google uses this information on behalf of the operator of this website to evaluate your use of the website, compile reports on website activity and provide other services relating to website activity and Internet-related services to the website operator. The IP address collected by your browser in the context of Google Analytics will not be combined with any other data held by Google.
You may refuse the saving of cookies by selecting the appropriate settings on your browser. However, please note that if you do this you may not be able to use all the features of this website. You can also prevent the collection of the data generated by the cookie and other data related to your usage of the website (including your IP address) by Google as well as the processing of these data by Google by downloading and installing the browser plug-in available at the following address: http://tools.google.com/dlpage/gaoptout?hl=de
The use of Google Analytics serves the legitimate interest of Kompernaß to maintain the website and online shop and collect statistical data about visitor numbers and their usage of the services. Data processing for the fulfilment of such legitimate interest is carried out on the basis of Section 6 Paragraph 1 Sentence 1 f) GDPR.
VI. OTHER COOKIES
Some web pages use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies help to make our service more user-friendly, more efficient and more secure. Cookies are small text files that are placed on your computer and saved by your browser.
Most of the cookies we use are so-called session cookies. They are automatically deleted after the end of your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognise your browser when you visit your website again.
You can set your browser to inform you about the storage of new cookies and ask your permission each time, prevent the storage of cookies on an individual basis or altogether, or activate automatic deletion of cookies when closing the browser. If you deactivate cookies, you might be unable to use the full functionality of this website.
VII. SSL ENCRYPTION
Kompernaß Handelsgesellschaft mbH takes all technical and organisational measures required to guarantee effective data protection. All of our employees are obliged to observe data confidentiality. Your data will always be treated as confidential. The encryption of sensitive data transfers is done using SSL (Secure Sockets Layer). This is currently the most common and most secure data transmission method on the Internet.
VIII. RIGHT OF ACCESS
In accordance with Section 15–21 GDPR, you have the right
- to demand a confirmation regarding our processing of personal data about you,
- in the event that we do process personal data about you, to request details about this data and, in particular, information regarding the purpose of the data processing, the category of personal data processed, the recipients or category of recipients to whom the personal data has been or will be disclosed, especially if these recipient are located in third countries or international organisations, and the planned duration of storage of this personal data/the criteria determining this duration,
- to correction, deletion and/or restriction of the data and transfer of any personal data concerning you,
- and to refuse data processing in individual cases.
In order to exercise your rights, please contact our data privacy officer by sending an e-mail to firstname.lastname@example.org.
IX. FURTHER INFORMATION
Your trust is important to us. We will be happy to answer any questions you may have regarding the processing of your personal data. If you have any questions that this data protection declaration does not answer or if, at a later time, you would like more detailed information, please contact our data protection officer at the following e-mail address: email@example.com.
You also have the right to file a complaint regarding the processing of your personal data to the commissioner for data protection of the state of North Rhine-Westphalia.
X. Contact options and your rights
As the subject, you have the following rights:
- in accordance with art. 15 GDPR, you have the right to request information about your personal data processed by us to the extent described therein;
- in accordance with art. 16 GDPR, you have the right to request immediate correction of incorrect or incomplete personal data stored by us;
- in accordance with art. 17 GDPR, you have the right to request the deletion of your personal data stored by us, unless further processing is not required
- to exercise the right to freedom of expression and information;
- to fulfil legal obligations;
- for reasons of public interest, or
- for the assertion, exercising or defence of legal claims;
- in accordance with art. 18 GDPR, you have the right to demand the restriction of the processing of your personal data insofar as
- the correctness of your data is in dispute;
- the processing is unlawful, but you oppose the deletion of your data;
- we no longer need the data, but you require the data for the assertion, exercising or defence of legal claims, or
- you have lodged an objection to the processing of your data pursuant to art. 21 GDPR;
- in accordance with art. 20 GDPR, you have the right to receive your personal data that you have provided us in a structured, standard and machine-readable format or to request that it be transferred to another responsible party;
- in accordance with art. 77 GDPR, you have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority in your usual place of residence or work or at our registered office for this purpose.