Privacy Policy
1. Information on the collection of personal data and contact details of the controller
2. Data collection when visiting our website
3. Contacting us
4. Cookies
5. Data processing for order handling
6. Data processing when opening a customer account and for contract processing
7. Contacting us for review reminders
8. Use of social media: social plugins
9. Use of social media: video
10. Online marketing
11. Web analytics services
12. Retargeting / remarketing / referral advertising
13. Tools and miscellaneous
14. Rights of the data subject
15. Duration of storage of personal data
16. Use of the revocation button
1. Information on the collection of personal data and contact details of the controller
1.1. Thank you for visiting our website. Below we would like to inform you about how we handle your personal data when you use our website. Personal data is generally all data with which you can be personally identified.
1.2. The controller responsible for data processing on our website within the meaning of the General Data Protection Regulation (GDPR) is:
nanobike GmbH
Oberspreestr. 183-185
12555 Berlin
Germany
Tel.: 030 617 95 856
E-mail: info@nanobike.de
1.2.0.0.1. The controller has appointed a data protection officer; you can reach them at the following contact details:
nanobike GmbH
Oberspreestr. 183-185
12555 Berlin
Tel: 030 678 21 888
E-mail: info@nanobike.de
1.3. To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL or TLS) via HTTPS.
2. Data collection when visiting our website
Whenever our website is accessed, our system automatically collects data and information that your browser transmits to our server (so-called “server log files”). The following technically necessary data is collected:
The legal basis for processing is Art. 6 (1) (f) GDPR based on our legitimate interest in improving the stability and maintaining the functionality of our website. No data is passed on or otherwise used. The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the IP address must remain stored for the duration of the session.
We reserve the right to subsequently review server log files if there are concrete indications of unlawful use. The data is deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of data collection for the provision of the website, this is the case when the respective session has ended.
In the case of storage of data in log files, this is the case after seven days at the latest. Longer storage is possible. In this case, the IP addresses of users are deleted or anonymized so that it is no longer possible to assign them to the accessing client. The collection of data for providing the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object.
3. Contacting us
If you contact us via a contact form, the data entered in the input mask will be transmitted to us and stored. The data collected can be seen from the respective input form. When contacting us by e-mail, only the data you provide there will be transmitted to us.
The data is used exclusively for processing the conversation and your request. The legal basis for processing the data is, where consent has been given, Art. 6 (1) (a) GDPR. The legal basis for processing data transmitted in the course of sending an e-mail is Art. 6 (1) (f) GDPR. If the e-mail contact aims at concluding a contract, the additional legal basis is Art. 6 (1) (b) GDPR. The data is deleted as soon as it is no longer required to achieve the purpose of its collection and provided that no statutory retention obligations prevent deletion. For personal data from the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is considered ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified. The user may revoke consent to the processing of personal data at any time. If the user contacts us by e-mail, they may object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.
4. Cookies
Our website uses cookies.
Cookies are text files stored on the user’s device. When a user visits a website, a cookie may be stored on the user’s operating system. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized again after a page change. The user data collected by technically necessary cookies is not used to create user profiles. These purposes also constitute our legitimate interest in processing personal data pursuant to Art. 6 (1) (f) GDPR.
In addition, our website may use cookies that enable analysis of users’ browsing behavior (so-called third-party cookies). Further information on scope, purpose, legal basis and objection options can be found in the respective sections of this privacy policy.
As a user, you have full control over the use of cookies. By changing your internet browser settings, you can deactivate, restrict or delete the transmission of cookies. If you deactivate cookies for our website, you may no longer be able to use all functions of the website to their full extent. You can prevent Flash cookies by changing the settings of the Flash Player.
Help on settings can be found in your browser’s help menu or via the following links:
Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac
Opera: https://help.opera.com/en/latest/web-preferences/#cookies
Some of the cookies used here are deleted after closing your browser (so-called session cookies). Other cookies remain on your device and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). When cookies are set, they collect and process certain user information such as browser and location data as well as IP address values. Persistent cookies are automatically deleted after a predetermined period, which may vary depending on the cookie.
5. Data processing for order handling
5.1. If you wish to order in our webshop, it is necessary for the conclusion of the contract that you provide your personal data, which we need to process your order. We process the data you provide to handle your order.
We partly work with external service providers to process your order. For this purpose, we must pass on the necessary personal data.
If we commission transport companies to deliver your goods, we pass on the data required for delivery to the respective transport company. For payment processing, we pass on your data to the commissioned credit institution where necessary. If we use payment service providers, you will be informed about this below.
The legal basis for data transfer is Art. 6 (1) (b) GDPR.
5.2. Transfer of your personal data to shipping service providers
- DHL
If delivery is made by DHL (Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn, Germany), we will only pass on the name of the recipient and the delivery address to DHL for delivery purposes, insofar as this is necessary pursuant to Art. 6 (1) (b) GDPR. Only if you have given your explicit consent during the ordering process will we pass on your e-mail address to DHL prior to delivery for the purpose of arranging a delivery date or delivery notification pursuant to Art. 6 (1) (a) GDPR. You may revoke your consent at any time with effect for the future.
5.3. Use of payment service providers
- Amazon Pay
When paying via “Amazon Pay”, payment processing is carried out by Amazon Payments Europe s.c.a., 5 Rue Plaetis, L-2338 Luxembourg (hereinafter “Amazon Payments”). The seller passes on the information provided during the ordering process to Amazon Payments exclusively for the purpose of payment processing and only to the extent necessary pursuant to Art. 6 (1) (b) GDPR. Further information on Amazon Payments’ privacy policy can be found here: https://pay.amazon.com/de/help/201751600
5.4. Apple Pay
When selecting the payment method “Apple Pay” (a service of Apple Distribution International, Hollyhill Industrial Estate, Cork, Ireland), payment processing is carried out via the “Apple Pay” function of your iOS, watchOS or macOS device by charging a payment card stored in Apple Pay.
The protection of your transaction is ensured by the security functions of your device’s hardware and software. To authorize a payment, it must be confirmed using a code and via Face ID or Touch ID.
Your information provided during the order process, along with order details, is transmitted in encrypted form to Apple for payment processing. These data are then re-encrypted by Apple and transmitted to the payment service provider of the card stored in Apple Pay. Encryption ensures that only the website on which the order was placed can access the payment data.
After payment, Apple sends the device account number and a transaction-specific dynamic security code back to the shop website to confirm the payment.
Personal data may be processed in these processes. In this case, it is done for payment processing pursuant to Art. 6 (1) (b) GDPR.
When using Apple Pay on iPhone or Apple Watch to complete a purchase made via Safari on Mac, the devices communicate via an encrypted channel through Apple servers. Apple may process or store data, but in a format that does not identify you.
Information on Apple Pay privacy is available here:
https://support.apple.com/de-de/HT203027
5.5. bancontact
When paying via “bancontact” through PayPal Checkout, payment processing is carried out via PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg (hereinafter “PayPal”).
Further information on PayPal Checkout can be found in the relevant section below.
5.6. blik
When paying via “blik” through PayPal Checkout, payment processing is carried out via PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg (hereinafter “PayPal”).
Further information on PayPal Checkout can be found in the relevant section below.
- Easycredit installment purchase
When selecting the “installment purchase” payment method and giving the required consent pursuant to Art. 6 (1) (a) GDPR, personal data (first name, last name, address, email, phone number, date of birth, IP address, gender) together with transaction data (items, invoice amount, due dates, total amount, invoice number, taxes, currency, order date and time) are transmitted to our partner TeamBank AG Nürnberg easyCredit, Beuthener Straße 25, 90471 Nuremberg, for processing this payment method.
For identity and credit checks, our partner performs inquiries with publicly accessible databases and credit agencies. The providers and further details on data processing after transmission can be found in the partner’s privacy policy: https://www.easycredit.de/datenschutz
The information obtained about the statistical probability of default is used for a decision on whether to conclude, carry out or terminate the contract. You may present your view and contest the decision.
Consent can be revoked at any time.
5.7. Google Pay
When selecting “Google Pay” (a service of Google Ireland Limited, Dublin, Ireland), payment processing is carried out via the Google Pay app on your Android device with NFC functionality. Payment is made via a payment card stored in Google Pay or another verified payment system (e.g. PayPal).
To authorize payments above 25 EUR, you must unlock your device.
Your information is transmitted to Google for payment processing. Google generates a one-time transaction number that is sent to the merchant to verify the payment. This token contains no personal data. The actual transaction is carried out between the user and the payment system used. Personal data may be processed for payment purposes pursuant to Art. 6 (1) (b) GDPR.
Terms of use: https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de
Privacy information: https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de
Google privacy policy: https://business.safety.google/privacy/
- iDEAL
When paying via “iDEAL” through PayPal Checkout, payment processing is carried out via PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg.
Further information can be found in the PayPal Checkout section.
5.8. mybank
When paying via “mybank” through PayPal Checkout, payment processing is carried out via PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg.
Further information can be found in the PayPal Checkout section.
- PayPal
When selecting PayPal, credit card via PayPal, direct debit via PayPal, or – if offered – purchase on account or installment payment via PayPal, payment processing is carried out via PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg (hereinafter “PayPal”).
We pass on your personal data to PayPal as necessary pursuant to Art. 6 (1) (b) GDPR. PayPal may perform credit checks for certain payment methods. For this purpose, payment data may be shared with credit agencies based on Art. 6 (1) (f) GDPR due to legitimate interest in assessing creditworthiness. Credit scores may be used in decision-making. You may object, though PayPal may still process data if necessary for payment execution. Privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
5.9. PayPal Checkout
We use PayPal Checkout (PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg) on this website.
PayPal Checkout is an online payment solution that supports PayPal payment methods as well as local third-party payment methods.
When selecting a payment method, we transmit the necessary payment data to PayPal for processing pursuant to Art. 6 (1) (b) GDPR.
For certain methods, PayPal may perform credit checks and share data with credit agencies based on legitimate interest. You may object, but processing may continue if required for payment execution.
If you select PayPal invoice purchase, data is forwarded to Ratepay GmbH, Berlin, which performs identity and credit checks. Further details: https://www.ratepay.com/legal-payment-creditagencies/
When using local third-party providers (e.g. iDeal, giropay, Sofort, etc.), PayPal forwards data to the respective provider for payment processing.
Further information: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
5.10. Przelewy24
When selecting a payment method from Przelewy24 via PayPal Checkout, payment processing is carried out via PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg.
Further information can be found in the PayPal Checkout section.
5.11. Credit checks
- Creditreform Boniversum
If we provide services in advance (e.g. invoice purchase), we may carry out a credit check using mathematical-statistical methods. Data is transmitted to Creditreform Boniversum GmbH, Hellersbergstraße 11, 41460 Neuss, Germany.
Score values may be included in the credit report. You may object to this processing, though we may continue processing if required for contract performance.
6. Data processing when opening a customer account and for contract processing
When you open a customer account with us, personal data is collected and processed pursuant to Art. 6 (1) (b) GDPR. The scope of the data is shown in the input form. The data is stored and used for contract processing.
You may delete your customer account at any time. In that case, we will block your data with regard to statutory retention periods and delete it after these periods expire. This may be overridden only by consent or legal permission for further use.
7. Contacting us for review reminders
7.1. Internal review reminder
After your explicit consent pursuant to Art. 6 (1) (a) GDPR, you will receive a one-time email reminder to submit a review of your order. You may revoke consent at any time.
7.2. Review reminder via Google Customer Reviews
With your explicit consent, we transmit your email address to Google Customer Reviews (Google Ireland Ltd., Dublin, Ireland). You will receive a review reminder email from Google.
You may revoke consent at any time.
More information: https://business.safety.google/privacy/
8. Use of social media: social plugins
Instagram as standard plugin
We use social plugins of Instagram (Meta Platforms Ireland Limited, Dublin, Ireland).
When accessing pages containing such a plugin, your browser connects directly to Instagram servers and transmits data, including your IP address, to Instagram in the USA.
If you are logged into Instagram, your visit may be assigned to your account. Interactions are also transmitted and may be published.
Legal basis is Art. 6 (1) (f) GDPR (legitimate interest in advertising).
To prevent assignment, log out of Instagram before visiting our site or use browser add-ons.
Meta Platforms Inc. is certified under the EU-U.S. Data Privacy Framework.
Privacy policy: https://instagram.com/about/legal/privacy/
9. Use of social media: video
YouTube videos
We use YouTube embedding (Google Ireland Limited). In enhanced privacy mode, cookies are only set when a video is played. When started, YouTube may collect usage data and associate it with your Google account if logged in.
Google may create usage profiles and process data, including in the USA.
Legal basis is Art. 6 (1) (a) GDPR (consent).
Privacy policy: https://policies.google.com/privacy?hl=de
10. Online marketing
Google Ads Conversion Tracking
We use Google Ads conversion tracking. Cookies are set when clicking ads, typically expiring after 30 days. No personal identification occurs.
Legal basis is consent under Art. 6 (1) (a) GDPR.
Opt-out options: https://www.google.com/settings/ads/plugin?hl=de
11. Web analytics services
Google Analytics 4
We use Google Analytics 4 (Google Ireland Limited). Cookies enable analysis of website usage. Data may be transferred to the USA. IP addresses are anonymized.
Data includes events such as page views, clicks, scrolling, video interaction, downloads, etc.
Legal basis is consent under Art. 6 (1) (a) GDPR. Data is stored for two months.
More information: https://policies.google.com/privacy?hl=de&gl=de
12. Retargeting / remarketing / referral advertising
Microsoft Advertising
Uses cookies for conversion tracking. Data is not personally identifiable. Legal basis is consent.
Opt-out: http://www.youronlinechoices.com/uk/your-ad-choices/
Google Ads Remarketing
Uses cookies to show interest-based ads. Legal basis is consent.
Opt-out: https://www.google.com/settings/ads/onweb/
13. Tools and miscellaneous
Google Maps
Used for interactive maps; may transmit IP address and location data to Google. Legal basis is consent.
Google Web Fonts
Fonts are loaded from Google servers, transmitting IP addresses. Legal basis is consent.
Google Tag Manager
Used to manage tracking tools; may transmit IP address. No profiling by itself.
14. Rights of the data subject
You have the following rights under GDPR:
- Right of access (Art. 15)
- Right to rectification (Art. 16)
- Right to restriction of processing (Art. 18)
- Right to erasure (Art. 17)
- Right to notification (Art. 19)
- Right to data portability (Art. 20)
- Right to withdraw consent (Art. 7 (3))
- Right to lodge a complaint (Art. 77)
You also have the right to object to processing based on legitimate interests.
15. Duration of storage of personal data
Storage duration depends on statutory retention periods. Data is deleted after expiry unless required for contract fulfillment or legitimate interests.
16. Use of the revocation button
When using the revocation button, we process: name, order/contract data, communication data, time of revocation, and possibly account/IP data. Processing is for identification and documentation of your revocation. Data is stored for up to 10 years unless legal obligations require longer retention. Legal basis is Art. 6 (1) (b) and Art. 6 (1) (c) GDPR.
1. Information on the collection of personal data and contact details of the controller
2. Data collection when visiting our website
3. Contacting us
4. Cookies
5. Data processing for order handling
6. Data processing when opening a customer account and for contract processing
7. Contacting us for review reminders
8. Use of social media: social plugins
9. Use of social media: video
10. Online marketing
11. Web analytics services
12. Retargeting / remarketing / referral advertising
13. Tools and miscellaneous
14. Rights of the data subject
15. Duration of storage of personal data
16. Use of the revocation button
1. Information on the collection of personal data and contact details of the controller
1.1. Thank you for visiting our website. Below we would like to inform you about how we handle your personal data when you use our website. Personal data is generally all data with which you can be personally identified.
1.2. The controller responsible for data processing on our website within the meaning of the General Data Protection Regulation (GDPR) is:
nanobike GmbH
Oberspreestr. 183-185
12555 Berlin
Germany
Tel.: 030 617 95 856
E-mail: info@nanobike.de
1.2.0.0.1. The controller has appointed a data protection officer; you can reach them at the following contact details:
nanobike GmbH
Oberspreestr. 183-185
12555 Berlin
Tel: 030 678 21 888
E-mail: info@nanobike.de
1.3. To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL or TLS) via HTTPS.
2. Data collection when visiting our website
Whenever our website is accessed, our system automatically collects data and information that your browser transmits to our server (so-called “server log files”). The following technically necessary data is collected:
- The website visited by us
- Date and time of access
- Amount of data sent in bytes
- Source/referrer from which you reached the page
- Operating system used
- Browser used
- IP address used (possibly in anonymized form)
The legal basis for processing is Art. 6 (1) (f) GDPR based on our legitimate interest in improving the stability and maintaining the functionality of our website. No data is passed on or otherwise used. The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the IP address must remain stored for the duration of the session.
We reserve the right to subsequently review server log files if there are concrete indications of unlawful use. The data is deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of data collection for the provision of the website, this is the case when the respective session has ended.
In the case of storage of data in log files, this is the case after seven days at the latest. Longer storage is possible. In this case, the IP addresses of users are deleted or anonymized so that it is no longer possible to assign them to the accessing client. The collection of data for providing the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object.
3. Contacting us
If you contact us via a contact form, the data entered in the input mask will be transmitted to us and stored. The data collected can be seen from the respective input form. When contacting us by e-mail, only the data you provide there will be transmitted to us.
The data is used exclusively for processing the conversation and your request. The legal basis for processing the data is, where consent has been given, Art. 6 (1) (a) GDPR. The legal basis for processing data transmitted in the course of sending an e-mail is Art. 6 (1) (f) GDPR. If the e-mail contact aims at concluding a contract, the additional legal basis is Art. 6 (1) (b) GDPR. The data is deleted as soon as it is no longer required to achieve the purpose of its collection and provided that no statutory retention obligations prevent deletion. For personal data from the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is considered ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified. The user may revoke consent to the processing of personal data at any time. If the user contacts us by e-mail, they may object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.
4. Cookies
Our website uses cookies.
Cookies are text files stored on the user’s device. When a user visits a website, a cookie may be stored on the user’s operating system. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized again after a page change. The user data collected by technically necessary cookies is not used to create user profiles. These purposes also constitute our legitimate interest in processing personal data pursuant to Art. 6 (1) (f) GDPR.
In addition, our website may use cookies that enable analysis of users’ browsing behavior (so-called third-party cookies). Further information on scope, purpose, legal basis and objection options can be found in the respective sections of this privacy policy.
As a user, you have full control over the use of cookies. By changing your internet browser settings, you can deactivate, restrict or delete the transmission of cookies. If you deactivate cookies for our website, you may no longer be able to use all functions of the website to their full extent. You can prevent Flash cookies by changing the settings of the Flash Player.
Help on settings can be found in your browser’s help menu or via the following links:
Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac
Opera: https://help.opera.com/en/latest/web-preferences/#cookies
Some of the cookies used here are deleted after closing your browser (so-called session cookies). Other cookies remain on your device and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). When cookies are set, they collect and process certain user information such as browser and location data as well as IP address values. Persistent cookies are automatically deleted after a predetermined period, which may vary depending on the cookie.
5. Data processing for order handling
5.1. If you wish to order in our webshop, it is necessary for the conclusion of the contract that you provide your personal data, which we need to process your order. We process the data you provide to handle your order.
We partly work with external service providers to process your order. For this purpose, we must pass on the necessary personal data.
If we commission transport companies to deliver your goods, we pass on the data required for delivery to the respective transport company. For payment processing, we pass on your data to the commissioned credit institution where necessary. If we use payment service providers, you will be informed about this below.
The legal basis for data transfer is Art. 6 (1) (b) GDPR.
5.2. Transfer of your personal data to shipping service providers
- DHL
If delivery is made by DHL (Deutsche Post AG, Charles-de-Gaulle-Straße 20, 53113 Bonn, Germany), we will only pass on the name of the recipient and the delivery address to DHL for delivery purposes, insofar as this is necessary pursuant to Art. 6 (1) (b) GDPR. Only if you have given your explicit consent during the ordering process will we pass on your e-mail address to DHL prior to delivery for the purpose of arranging a delivery date or delivery notification pursuant to Art. 6 (1) (a) GDPR. You may revoke your consent at any time with effect for the future.
5.3. Use of payment service providers
- Amazon Pay
When paying via “Amazon Pay”, payment processing is carried out by Amazon Payments Europe s.c.a., 5 Rue Plaetis, L-2338 Luxembourg (hereinafter “Amazon Payments”). The seller passes on the information provided during the ordering process to Amazon Payments exclusively for the purpose of payment processing and only to the extent necessary pursuant to Art. 6 (1) (b) GDPR. Further information on Amazon Payments’ privacy policy can be found here: https://pay.amazon.com/de/help/201751600
5.4. Apple Pay
When selecting the payment method “Apple Pay” (a service of Apple Distribution International, Hollyhill Industrial Estate, Cork, Ireland), payment processing is carried out via the “Apple Pay” function of your iOS, watchOS or macOS device by charging a payment card stored in Apple Pay.
The protection of your transaction is ensured by the security functions of your device’s hardware and software. To authorize a payment, it must be confirmed using a code and via Face ID or Touch ID.
Your information provided during the order process, along with order details, is transmitted in encrypted form to Apple for payment processing. These data are then re-encrypted by Apple and transmitted to the payment service provider of the card stored in Apple Pay. Encryption ensures that only the website on which the order was placed can access the payment data.
After payment, Apple sends the device account number and a transaction-specific dynamic security code back to the shop website to confirm the payment.
Personal data may be processed in these processes. In this case, it is done for payment processing pursuant to Art. 6 (1) (b) GDPR.
When using Apple Pay on iPhone or Apple Watch to complete a purchase made via Safari on Mac, the devices communicate via an encrypted channel through Apple servers. Apple may process or store data, but in a format that does not identify you.
Information on Apple Pay privacy is available here:
https://support.apple.com/de-de/HT203027
5.5. bancontact
When paying via “bancontact” through PayPal Checkout, payment processing is carried out via PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg (hereinafter “PayPal”).
Further information on PayPal Checkout can be found in the relevant section below.
5.6. blik
When paying via “blik” through PayPal Checkout, payment processing is carried out via PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg (hereinafter “PayPal”).
Further information on PayPal Checkout can be found in the relevant section below.
- Easycredit installment purchase
When selecting the “installment purchase” payment method and giving the required consent pursuant to Art. 6 (1) (a) GDPR, personal data (first name, last name, address, email, phone number, date of birth, IP address, gender) together with transaction data (items, invoice amount, due dates, total amount, invoice number, taxes, currency, order date and time) are transmitted to our partner TeamBank AG Nürnberg easyCredit, Beuthener Straße 25, 90471 Nuremberg, for processing this payment method.
For identity and credit checks, our partner performs inquiries with publicly accessible databases and credit agencies. The providers and further details on data processing after transmission can be found in the partner’s privacy policy: https://www.easycredit.de/datenschutz
The information obtained about the statistical probability of default is used for a decision on whether to conclude, carry out or terminate the contract. You may present your view and contest the decision.
Consent can be revoked at any time.
5.7. Google Pay
When selecting “Google Pay” (a service of Google Ireland Limited, Dublin, Ireland), payment processing is carried out via the Google Pay app on your Android device with NFC functionality. Payment is made via a payment card stored in Google Pay or another verified payment system (e.g. PayPal).
To authorize payments above 25 EUR, you must unlock your device.
Your information is transmitted to Google for payment processing. Google generates a one-time transaction number that is sent to the merchant to verify the payment. This token contains no personal data. The actual transaction is carried out between the user and the payment system used. Personal data may be processed for payment purposes pursuant to Art. 6 (1) (b) GDPR.
Terms of use: https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de
Privacy information: https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de
Google privacy policy: https://business.safety.google/privacy/
- iDEAL
When paying via “iDEAL” through PayPal Checkout, payment processing is carried out via PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg.
Further information can be found in the PayPal Checkout section.
5.8. mybank
When paying via “mybank” through PayPal Checkout, payment processing is carried out via PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg.
Further information can be found in the PayPal Checkout section.
- PayPal
When selecting PayPal, credit card via PayPal, direct debit via PayPal, or – if offered – purchase on account or installment payment via PayPal, payment processing is carried out via PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg (hereinafter “PayPal”).
We pass on your personal data to PayPal as necessary pursuant to Art. 6 (1) (b) GDPR. PayPal may perform credit checks for certain payment methods. For this purpose, payment data may be shared with credit agencies based on Art. 6 (1) (f) GDPR due to legitimate interest in assessing creditworthiness. Credit scores may be used in decision-making. You may object, though PayPal may still process data if necessary for payment execution. Privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
5.9. PayPal Checkout
We use PayPal Checkout (PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg) on this website.
PayPal Checkout is an online payment solution that supports PayPal payment methods as well as local third-party payment methods.
When selecting a payment method, we transmit the necessary payment data to PayPal for processing pursuant to Art. 6 (1) (b) GDPR.
For certain methods, PayPal may perform credit checks and share data with credit agencies based on legitimate interest. You may object, but processing may continue if required for payment execution.
If you select PayPal invoice purchase, data is forwarded to Ratepay GmbH, Berlin, which performs identity and credit checks. Further details: https://www.ratepay.com/legal-payment-creditagencies/
When using local third-party providers (e.g. iDeal, giropay, Sofort, etc.), PayPal forwards data to the respective provider for payment processing.
Further information: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
5.10. Przelewy24
When selecting a payment method from Przelewy24 via PayPal Checkout, payment processing is carried out via PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg.
Further information can be found in the PayPal Checkout section.
5.11. Credit checks
- Creditreform Boniversum
If we provide services in advance (e.g. invoice purchase), we may carry out a credit check using mathematical-statistical methods. Data is transmitted to Creditreform Boniversum GmbH, Hellersbergstraße 11, 41460 Neuss, Germany.
Score values may be included in the credit report. You may object to this processing, though we may continue processing if required for contract performance.
6. Data processing when opening a customer account and for contract processing
When you open a customer account with us, personal data is collected and processed pursuant to Art. 6 (1) (b) GDPR. The scope of the data is shown in the input form. The data is stored and used for contract processing.
You may delete your customer account at any time. In that case, we will block your data with regard to statutory retention periods and delete it after these periods expire. This may be overridden only by consent or legal permission for further use.
7. Contacting us for review reminders
7.1. Internal review reminder
After your explicit consent pursuant to Art. 6 (1) (a) GDPR, you will receive a one-time email reminder to submit a review of your order. You may revoke consent at any time.
7.2. Review reminder via Google Customer Reviews
With your explicit consent, we transmit your email address to Google Customer Reviews (Google Ireland Ltd., Dublin, Ireland). You will receive a review reminder email from Google.
You may revoke consent at any time.
More information: https://business.safety.google/privacy/
8. Use of social media: social plugins
Instagram as standard plugin
We use social plugins of Instagram (Meta Platforms Ireland Limited, Dublin, Ireland).
When accessing pages containing such a plugin, your browser connects directly to Instagram servers and transmits data, including your IP address, to Instagram in the USA.
If you are logged into Instagram, your visit may be assigned to your account. Interactions are also transmitted and may be published.
Legal basis is Art. 6 (1) (f) GDPR (legitimate interest in advertising).
To prevent assignment, log out of Instagram before visiting our site or use browser add-ons.
Meta Platforms Inc. is certified under the EU-U.S. Data Privacy Framework.
Privacy policy: https://instagram.com/about/legal/privacy/
9. Use of social media: video
YouTube videos
We use YouTube embedding (Google Ireland Limited). In enhanced privacy mode, cookies are only set when a video is played. When started, YouTube may collect usage data and associate it with your Google account if logged in.
Google may create usage profiles and process data, including in the USA.
Legal basis is Art. 6 (1) (a) GDPR (consent).
Privacy policy: https://policies.google.com/privacy?hl=de
10. Online marketing
Google Ads Conversion Tracking
We use Google Ads conversion tracking. Cookies are set when clicking ads, typically expiring after 30 days. No personal identification occurs.
Legal basis is consent under Art. 6 (1) (a) GDPR.
Opt-out options: https://www.google.com/settings/ads/plugin?hl=de
11. Web analytics services
Google Analytics 4
We use Google Analytics 4 (Google Ireland Limited). Cookies enable analysis of website usage. Data may be transferred to the USA. IP addresses are anonymized.
Data includes events such as page views, clicks, scrolling, video interaction, downloads, etc.
Legal basis is consent under Art. 6 (1) (a) GDPR. Data is stored for two months.
More information: https://policies.google.com/privacy?hl=de&gl=de
12. Retargeting / remarketing / referral advertising
Microsoft Advertising
Uses cookies for conversion tracking. Data is not personally identifiable. Legal basis is consent.
Opt-out: http://www.youronlinechoices.com/uk/your-ad-choices/
Google Ads Remarketing
Uses cookies to show interest-based ads. Legal basis is consent.
Opt-out: https://www.google.com/settings/ads/onweb/
13. Tools and miscellaneous
Google Maps
Used for interactive maps; may transmit IP address and location data to Google. Legal basis is consent.
Google Web Fonts
Fonts are loaded from Google servers, transmitting IP addresses. Legal basis is consent.
Google Tag Manager
Used to manage tracking tools; may transmit IP address. No profiling by itself.
14. Rights of the data subject
You have the following rights under GDPR:
- Right of access (Art. 15)
- Right to rectification (Art. 16)
- Right to restriction of processing (Art. 18)
- Right to erasure (Art. 17)
- Right to notification (Art. 19)
- Right to data portability (Art. 20)
- Right to withdraw consent (Art. 7 (3))
- Right to lodge a complaint (Art. 77)
You also have the right to object to processing based on legitimate interests.
15. Duration of storage of personal data
Storage duration depends on statutory retention periods. Data is deleted after expiry unless required for contract fulfillment or legitimate interests.
16. Use of the revocation button
When using the revocation button, we process: name, order/contract data, communication data, time of revocation, and possibly account/IP data. Processing is for identification and documentation of your revocation. Data is stored for up to 10 years unless legal obligations require longer retention. Legal basis is Art. 6 (1) (b) and Art. 6 (1) (c) GDPR.