Privacy Policy ENGLISH

1) Information about the collection of personal data and contact details of the person responsible

 

1.1 We are pleased that you are visiting our website and thank you for your interest. Below we inform you about the handling of your personal data when using our website. Personal data are all data with which you can be personally identified.

 

1.2 Responsible for the data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Viamontis GmbH, Söllbachtalstraße 16, 83707 Bad Wiessee, Germany, Tel .: +49 174 9094117, email: hello@viamontis.de. The person responsible for the processing of personal data is the natural or legal person who alone or together with others decides on the purposes and means of processing personal data.

 

1.3 The person responsible has appointed a data protection officer, who can be reached as follows: "Nikolai Kulterer, Söllbachtalstraße 16, 83707, Bad Wiessee, +49 170 2259534, nikolai.kulterer@viamontis.de"

 

1.4 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the person responsible), this website uses an SSL or. TLS encryption. You can recognize an encrypted connection by the string "https: //" and the lock symbol in your browser line.

 

2) Data collection when visiting our website

 

When using our website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

 

Our visited website

Date and time at the time of access

Amount of data sent in bytes

Source / reference from which you came to the page

Browser used

Operating system used

IP address used (if necessary: ​​in anonymous form)

Processing takes place in accordance with Art. 6 Para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are specific indications of illegal use.

 

3) Hosting

 

Hosting through Shopify

We use the shop system of the service provider Shopify International Limited, Victoria Buildings, 2nd floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify"), for the purpose of hosting and displaying the online shop on the basis of a Processing on our behalf. All data collected on our website is processed on Shopify's servers. As part of the aforementioned Shopify services, data can also be processed as part of further processing on behalf of Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada, Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc .or Shopify (USA) Inc. In the event of data being transmitted to Shopify Inc. in Canada, the adequacy decision of the European Commission guarantees the appropriate level of data protection. Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc. and Shopify (USA) Inc. in the USA are certified for the us-European data protection convention "Privacy Shield", which ensures compliance with the data protection level applicable in the EU guaranteed.

Further information on Shopify's data protection can be found on the following website: https://www.shopify.de/legal/datenschutz 

Further processing on servers other than those mentioned by Shopify will only take place within the framework communicated below.

 

4) Cookies

 

In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and enable your browser to be recognized the next time you visit (so-called persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values ​​to the individual extent. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. The duration of the respective cookie storage can be found in the overview of the cookie settings in your web browser.

 

In some cases, cookies are used to simplify the ordering process by saving settings (e.g. remembering the content of a virtual shopping cart for a later visit to the website). If personal data is also processed by individual cookies we use, the processing is carried out in accordance with Art. 6 Para. 1 lit. b GDPR either to implement the contract, in accordance with Art. 6 Para. 1 lit. a GDPR in the case of a given consent or according to Art. 6 Para. 1 lit. f GDPR to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit.

 

Please note that you can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browser under the following links:

 

Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies 

Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen 

Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en 

Safari: https://support.apple.com/de-de/guide/safari/sfri11471/12.0/mac/10.14 

Opera: https://help.opera.com/de/latest/web-preferences/#cookies 

 

Please note that the functionality of our website may be restricted if cookies are not accepted.

 

5) Contact us

 

When contacting us (e.g. via contact form or email), personal data is collected. Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in answering your request in accordance with Art. 6 Para. 1 lit. f GDPR. If your contact is aimed at the conclusion of a contract, then an additional legal basis for the processing is Art. 6 Para. 1 lit. b GDPR. Your data will be deleted after your request has been processed. This is the case if it can be inferred from the circumstances that the matter in question has been finally clarified and provided that there are no statutory retention requirements.

 

6) Data processing when opening a customer account and for contract processing

 

According to Art. 6 Para. 1 lit. b GDPR, personal data will continue to be collected and processed if you provide it to us for the execution of a contract or when opening a customer account. Which data is collected can be seen from the respective input forms. It is possible to delete your customer account at any time and can send a message to the above. Address of the person responsible. We store and use the data you provide for contract processing. After completion of the contract or deletion of your customer account, your data will be blocked with due regard to tax and commercial law retention periods and deleted after the expiry of these deadlines, unless you have expressly consented to further use of your data or a legally permitted further data use on our part is reserved has been.

 

7) Comment function

 

As part of the comment function on this website, in addition to your comment, information on the time the comment was created and the commentator name you selected are saved and published on this website. Your IP address is also logged and saved. This IP address is saved for security reasons and in the event that the data subject violates the rights of third parties by posting a comment or posts illegal content. We need your email address to contact you if a third party objects to your published content as unlawful. The legal basis for storing your data is Art. 6 Para. 1 lit. b and f GDPR. We reserve the right to delete comments if they are criticized as unlawful by third parties.

 

8) Use of your data for direct advertising

 

8.1 Subscribe to our email newsletter

 

If you register for our e-mail newsletter, we will send you regular information about our offers. The only mandatory information for sending the newsletter is your email address. The provision of further data is voluntary and is used to address you personally. We use the so-called double opt-in procedure to send the newsletter. This means that we will only send you an e-mail newsletter if you have expressly confirmed to us that you consent to receiving the newsletter. We will then send you a confirmation e-mail asking you to click the corresponding link to confirm that you want to receive the newsletter in the future.

 

By activating the confirmation link, you give us your consent to the use of your personal data in accordance with Art. 6 Para. 1 lit. a GDPR. When registering for the newsletter, we save your IP address entered by the Internet service provider (ISP) as well as the date and time of registration in order to be able to trace a possible misuse of your email address at a later date. The data we collect when you register for the newsletter will only be used for advertising purposes in the form of the newsletter. You can unsubscribe from the newsletter at any time using the link provided in the newsletter or by sending a message to the person named above. After unsubscribing, your email address will be deleted from our newsletter mailing list immediately, unless you have expressly consented to further use of your data or we reserve the right to use the data beyond this, which is permitted by law and about which we inform you in this declaration.

 

8.2 Sending the e-mail newsletter to existing customers

 

If you have provided us with your e-mail address when purchasing goods or services, we reserve the right to regularly send you offers from our range of goods or services similar to those already purchased from our range. We do not have to obtain any separate consent from you for this in accordance with Section 7 (3) UWG. In this respect, data processing takes place solely on the basis of our legitimate interest in personalized direct advertising in accordance with Art. 6 Para. 1 lit. f GDPR. If you have initially objected to the use of your email address for this purpose, we will not send an email. You are entitled to object to the use of your email address for the aforementioned advertising purpose at any time with future effect by notifying the person responsible at the beginning. For this, you only incur transmission costs according to the basic tariffs. After receipt of your objection, the use of your email address for advertising purposes will be stopped immediately.

 

8.3 Newsletter dispatch via MailChimp

Our email newsletter is sent via the technical service provider The Rocket Science Group, LLC d / b / a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (http://www.mailchimp.com/), to whom we pass on the data you provided when registering for the newsletter. This transfer takes place in accordance with Art. 6 Para. 1 lit. f GDPR and serves our legitimate interest in using an advertising-effective, safe and user-friendly newsletter system. Please note that your data is usually transferred to a MailChimp server in the USA and stored there.

 

MailChimp uses this information to send and statistically evaluate the newsletter on our behalf. For the evaluation, the emails sent contain so-called web beacons or tracking pixels, which represent one-pixel image files that are stored on our website. In this way it can be determined whether a newsletter message has been opened and which links have been clicked on. With the help of the web beacons, Mailchimp automatically generates general, non-personal statistics on the response behavior to newsletter campaigns. Based on our legitimate interest in the statistical evaluation of the newsletter campaigns to optimize advertising communication and better focus on recipient interests, the web beacons in accordance with Art. 6 Para. 1 lit f GDPR also collect data of the respective newsletter recipient (email address, Time of access, IP address, browser type and operating system) and used. This data allows individual conclusions to be drawn about the newsletter recipient and is processed by Mailchimp for the automatic creation of statistics that show whether a particular recipient has opened a newsletter message.

 

If you want to deactivate the data analysis for statistical evaluation purposes, you have to unsubscribe from the newsletter.

MailChimp can also use this data in accordance with Art. 6 Para. 1 lit. f Use the GDPR itself based on its own legitimate interest in the needs-based design and optimization of the service and for market research purposes, for example to determine which countries the recipients come from. However, MailChimp does not use the data of our newsletter recipients to write to them themselves or to pass them on to third parties.

To protect your data in the USA, we have concluded a data processing agreement with MailChimp ("Data Processing Agreement") based on the standard contractual clauses of the European Commission to enable the transmission of your personal data to MailChimp. If you are interested, this data processing contract can be viewed at the following Internet address: https://mailchimp.com/legal/data-processing-addendum/

MailChimp is also certified under the US-European data protection agreement "Privacy Shield" and is thus committed to complying with EU data protection regulations.

You can view MailChimp's privacy policy here:

https://mailchimp.com/legal/privacy/ 

 

9) Data processing for order processing

 

9.1 In order to process your order, we work with the following service provider (s), who support us in whole or in part in the execution of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.

 

The personal data collected by us will be passed on to the transport company commissioned with the delivery as far as this is necessary for the delivery of the goods. We pass on your payment data to the commissioned credit institution as part of the payment processing, if this is necessary for the payment processing. If payment service providers are used, we will inform you explicitly below. The legal basis for the transfer of the data is Art. 6 Para. 1 lit. b GDPR.

 

9.2 Use of payment service providers (payment services)

 

- Adyen

If you choose a payment method from the payment service provider Adyen, payment will be processed via the payment service provider Adyen, Simon Carmiggeltstraat 6 - 50, 1011 DJ Amsterdam, Netherlands, to whom we will provide the information you provided during the ordering process, together with the information about your order (name, Address, IBAN, BIC, invoice amount, currency and transaction number) according to Art. 6 Para. 1 lit. b Pass on GDPR. Your data will only be passed on for the purpose of payment processing with the payment service provider Adyen and only to the extent that it is necessary for this.

- Apple Pay

If you choose the payment method "Apple Pay" from Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, the payment will be processed via the "Apple Pay" function of your device operated with iOS, watchOS or macOS by debiting a payment card deposited with "Apple Pay". Apple Pay uses security features built into your device's hardware and software to help protect your transactions. To release a payment, you have to enter a code that you have previously defined, as well as verification using the "Face ID" or "Touch ID" function on your device.

For the purpose of payment processing, the information you provide during the ordering process and the information about your order are passed on to Apple in encrypted form. Apple then encrypts this data again with a developer-specific key before the data is sent to the payment service provider of the payment card stored in Apple Pay to carry out the payment. The encryption ensures that only the website through which the purchase was made can access the payment data. After the payment has been made, Apple sends your device account number and a transaction-specific, dynamic security code to the outgoing website to confirm payment success.

If personal data are processed in the described transmissions, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 Para. 1 lit. b GDPR.

Apple retains anonymized transaction data, including the approximate purchase amount, approximate date and time, and whether the transaction was completed successfully. Anonymization completely excludes personal references. Apple uses the anonymized data to improve "Apple Pay" and other Apple products and services.

 

When you use Apple Pay on iPhone or Apple Watch to complete a purchase you made through Safari on Mac, the Mac and the authorization device communicate over an encrypted channel on the Apple servers. Apple does not process or store any of this information in a format that can identify you. You can disable the ability to use Apple Pay on your Mac in your iPhone's settings. Go to "Wallet & Apple Pay" and uncheck "Allow payments on Mac".

Further information on data protection at Apple Pay can be found at the following Internet address: https://support.apple.com/de-de/HT203027

 

- Google Pay

If you choose the payment method "Google Pay" from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), the payment is processed via the "Google Pay" application of your with at least Android 4.4 ("KitKat") operated and with an NFC function mobile devices by debiting a payment card deposited with Google Pay or a payment system verified there (eg PayPal). To release a payment via Google Pay in the amount of more than € 25, it is necessary to unlock your mobile device beforehand by means of the verification measure set up in each case (such as face recognition, password, fingerprint or sample).

For the purpose of payment processing, the information you provide during the ordering process and the information about your order will be passed on to Google. Google then transmits your payment information stored in Google Pay in the form of a unique transaction number to the original website, which is used to verify that a payment has been made. This transaction number does not contain any information about the real payment data of your means of payment stored with Google Pay, but is created and transmitted as a one-time numerical token. In all transactions via Google Pay, Google only acts as an intermediary to process the payment process. The transaction is carried out exclusively in the relationship between the user and the initial website by debiting the payment method deposited with Google Pay.

If personal data are processed in the described transmissions, the processing is carried out exclusively for the purpose of payment processing in accordance with Art. 6 Para. 1 lit. b GDPR.

Google reserves the right to collect, save and evaluate certain process-specific information for every transaction made via Google Pay. This includes the date, time and amount of the transaction, location and description of the dealer, a description of the purchased goods or services provided by the dealer, photos that you have attached to the transaction, the name and email address of the seller and buyer or of the sender and recipient, the payment method used, your description of the reason for the transaction and, if applicable, the offer associated with the transaction.

According to Google, this processing takes place exclusively in accordance with Art. 6 Para. 1 lit. f GDPR based on the legitimate interest in correct accounting, the verification of process data and the optimization and maintenance of the Google Pay service.

Google also reserves the right to combine the processed process data with other information that is collected and stored when Google uses other Google services.

The Google Pay terms of use can be found here:

https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=googlepaytos&ldl=de 

Further information on data protection at Google Pay can be found at the following Internet address:

https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de

- Klarna

If you choose a Klarna payment service, payment will be processed via Klarna Bank AB (publ) [https://www.klarna.com/de], Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter "Klarna"). In order to enable payment to be processed, your personal data (first and last name, street, house number, postcode, city, gender, email address, telephone number and IP address) as well as data related to the order (e.g. invoice amount, item, delivery method) passed on to Klarna for the purpose of identity and credit check, provided that you have given us consent in accordance with Art. 6 Para. 1 lit. a DSGVO have expressly consented to as part of the ordering process. To which credit agencies your data can be forwarded can be viewed here:

https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/credit_rating_agencies 

 

The credit report can contain probability values ​​(so-called score values). As far as score values ​​are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. Address data is used, among other things, but not exclusively, to calculate the score values. Klarna uses the information it receives about the statistical probability of a payment default for a balanced decision on the establishment, implementation or termination of the contractual relationship.

You can revoke your consent at any time by sending a message to the person responsible for data processing or to Klarna. However, Klarna may still be entitled to process your personal data if this is necessary for the contractual payment processing.

Your personal information will be in accordance with the applicable data protection regulations and in accordance with the information in Klarna's data protection regulations for data subjects based in Germany https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy 

or for those affected based in Austria https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_at/privacy 

treated.

 

- Paypal

When paying via PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal, we pass your payment details on to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). The transfer takes place in accordance with Art. 6 Para. 1 lit. b GDPR and only to the extent that this is necessary for payment processing.

PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal. For this purpose, your payment details may be processed in accordance with Art. 6 Para. 1 lit. f GDPR passed on to credit agencies on the basis of PayPal's legitimate interest in determining your solvency. PayPal uses the result of the credit check with regard to the statistical probability of default for the purpose of deciding on the provision of the respective payment method. The credit report can contain probability values ​​(so-called score values). As far as score values ​​are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. Address data is used, among other things, but not exclusively, to calculate the score values. For more information on data protection law, including information on the credit agencies used, please refer to PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full 

You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be authorized to process your personal data if this is necessary for the contractual payment processing.

 

- Shopify Payments

We use the payment service provider "Shopify Payments", 3rd Floor, Europa House, Harcourt Building, Harcourt Street, Dublin 2. If you choose a payment method offered by the payment service provider Shopify Payments, the payment is processed by the technical service provider Stripe Payments Europe Ltd. , 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom we provided the information you provided during the ordering process together with the information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number) according to Art. 6 Para. 1 lit. b Pass on GDPR. Your data will only be passed on for the purpose of payment processing with Stripe Payments Europe Ltd. and only to the extent that it is necessary for this. For more information on Shopify Payments data protection, please visit the following Internet address: https://www.shopify.com/legal/privacy.

Data protection information on Stripe Payments Europe Ltd. can be found here: https://stripe.com/de/privacy

 

- SOFORT

If you select the payment method "SOFORT", the payment will be processed by the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter "SOFORT"), to whom we will provide the information you provided during the ordering process, together with the information about your order in accordance with Art. 6 para. 1 lit. b Pass on GDPR. Sofort GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). Your data will only be passed on for the purpose of payment processing with the payment service provider SOFORT and only to the extent that it is necessary for this. You can find more information about SOFORT's data protection regulations at the following Internet address: https://www.klarna.com/sofort/datenschutz.

 

10) Use of social media: videos

 

Use of YouTube videos

 

This website uses the YouTube embedding function to display and play videos from the provider "Youtube", which belongs to Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google").

 

The extended data protection mode is used here, which, according to the provider, only starts storing user information when the video (s) is played. If the playback of embedded YouTube videos is started, the provider "Youtube" uses cookies to collect information about user behavior. According to "YouTube", these are used, among other things, to record video statistics, improve user-friendliness and prevent abusive practices. If you are logged in to Google, your data will be assigned directly to your account when you click on a video. If you do not want your YouTube profile to be assigned, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation is carried out in particular in accordance with Art. 6 (1) lit. f GDPR based on Google's legitimate interests in displaying personalized advertising, market research and / or designing its website in line with requirements. You have the right to object to the creation of these user profiles, although you must contact YouTube to exercise them. When using YouTube, personal data may also be transmitted to the servers of Google LLC. come in the US.

Regardless of whether the embedded videos are played back, a connection to the Google network is established each time this website is accessed, which may trigger further data processing operations without our influence.

 

In the event of the transfer of personal data to Google LLC. based in the United States, Google LLC. certified for the US-European data protection convention "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/list 

 

Further information on data protection at "YouTube" can be found in the provider's data protection declaration at: https://www.google.de/intl/de/policies/privacy 

 

As far as legally required, we have given your consent to the processing of your data described above in accordance with Art. 6 Para. 1 lit. a GDPR obtained. You can revoke your consent at any time with future effect. In order to exercise your revocation, please follow the option described above to make an objection.

 

11) Tools and others

 

11.1 Cookie consent tool based on Usercentrics technology

 

This website uses a cookie consent tool with technology from Usercentrics GmbH, Rosental 4, 80331 Munich (hereinafter "Usercentrics") to obtain effective user consent for cookies that require consent and cookie-based applications.

 

By integrating a corresponding JavaScript code, users are shown a banner when the page is called up, in which checkmarks can be given for certain cookies and / or cookie-based applications. The tool blocks the setting of all cookies that require consent until the respective user grants the corresponding consent. This ensures that such cookies are only placed on the user's end device if they have given their consent.

 

So that the cookie consent tool can clearly assign page views to individual users and individually record, log and save the consent settings made by the user for a session duration, when the website is called up by the cookie consent tool, certain user information (including the IP address) collected, transmitted to the Usercentrics server and stored there.

 

This data processing takes place in accordance with Art. 6 Para. 1 lit. f GDPR based on our legitimate interest in a legally compliant, user-specific and user-friendly consent management for cookies and therefore in a legally compliant design of our website.

 

Another legal basis for the data processing described is Art. 6 Para. 1 lit. c GDPR. As the person responsible, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.

 

We have concluded an order processing contract with Usercentrics, with which we oblige Usercentrics to protect the data of visitors to our website and not to pass it on to third parties.

 

Further information on the use of data by Usercentrics can be found in the Usercentrics data protection declaration at https://usercentrics.com/privacy-policy/ 

 

11.2 Shopsync for Shopify

 

This website uses the Shopify app "Shopsync" from ShopSync LLC, PO Box 252, Jefferson City, TN 37760, USA.

With the help of ShopSync, the newsletter service "Mailchimp" is synchronized with our Shopify account in such a way that updates in e-mail lists from Mailchimp (such as a successful opt-out of a newsletter recipient) are automatically stored on Shopify and, on the other hand New contact data generated on contracts with Shopify are automatically transferred to Mailchimp's email lists.

 

In the former case, data is processed in accordance with Art. 6 Para. 1 lit. f GDPR based on our legitimate interest in the effective and cross-system maintenance of the files of addressees and the efficient consideration of legally significant changes in status.

 

In the second case, only on the basis of the user's express consent in accordance with Art. 6 Para. 1 lit. a DSGVO after a contract has been concluded on Shopify for inclusion in the Mailchimp list, its first and last name, address and email address together with transaction-related information (purchase amount, time and date of purchase) transmitted to Mailchimp by ShopSync.

 

ShopSync does not save or store data transmitted in this way after synchronization. All information synchronized between Shopify and Mailchimp is transmitted using SSL (Secure Socket Layer) technology, and all information transmitted remains encrypted during the synchronization process.

 

The synchronization process requires the transfer of information over a secure connection to servers hosted by Amazon Web Services in the United States. Amazon Web Services, based in the USA, is certified for the US-European data protection agreement “Privacy Shield”, which guarantees compliance with the data protection level applicable in the EU. A current certificate can be viewed here: https://www.privacyshield.gov/participant?id=a2zt0000000TOWQAA4 

 

Further data protection information on ShopSync can be found here: https://shopsync.io/privacy-policy 

 

12) Rights of the data subject

 

12.1 The applicable data protection law grants you comprehensive data protection rights (information and intervention rights) to the person responsible with regard to the processing of your personal data, about which we inform you below:

 

Right to information in accordance with Art. 15 GDPR: In particular, you have a right to information about your personal data processed by us, the processing purposes, the categories of processed personal data, the recipients or categories of recipients to whom your data have been or will be disclosed, the planned Storage period or the criteria for determining the storage period, the existence of a right to correction, deletion, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if we did not collect it from you, that There is an automated decision-making process including profiling and, if necessary, meaningful information about the logic involved and the scope that affects you and the intended effects of such processing, as well as your right to be informed about the guarantees according to Art. 46 GDPR for forwarding I their data exists in third countries;

Right to correction in accordance with Art. 16 GDPR: You have the right to immediate correction of incorrect data concerning you and / or completion of your incomplete data stored by us;

Right to deletion according to Art. 17 GDPR: You have the right to request the deletion of your personal data if the requirements of Art. 17 Para. 1 GDPR are met. However, this right does not exist in particular if the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

Right to restriction of processing in accordance with Art. 18 GDPR: You have the right to request the restriction of the processing of your personal data as long as the correctness of your data, which you disputed, is checked, if you reject the deletion of your data due to inadmissible data processing and instead the Request restriction of the processing of your data if you need your data to assert, exercise or defend legal claims, after we no longer need this data after the purpose has been achieved or if you have objected for reasons of your special situation, as long as it is not certain whether our legitimate ones Reasons outweigh;

Right to information in accordance with Art. 19 GDPR: If you have asserted the right to correction, deletion or restriction of processing against the person responsible, he is obliged to correct or delete the data to all recipients to whom your personal data have been disclosed Notify processing restrictions unless this proves to be impossible or involves a disproportionate effort. You have the right to be informed about these recipients.

Right to data portability according to Art. 20 GDPR: You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another person responsible, insofar as this is technically feasible;

Right to revoke consent given in accordance with Art. 7 Para. 3 GDPR: You have the right to revoke your consent to the processing of data at any time with future effect. In the event of revocation, we will delete the data concerned immediately, unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal;

Right to lodge a complaint in accordance with Art. 77 GDPR: If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the, without prejudice to any other administrative or judicial remedy Member State of your whereabouts, your place of work or the place of the alleged violation.

 

12.2 RIGHT TO OBJECT

 

IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR PRINCIPLE OF INTERESTED LEGAL INTEREST, YOU WILL HAVE THE RIGHT TO BE DIFFERENT FOR REASONS FOR YOUR SITUATION.

If you exercise your right to object, we will stop processing the data concerned. A FURTHER PROCESSING IS RESERVED, BUT IF WE CAN PROVIDE OBLIGATORY PROTECTIVE REASONS FOR THE PROCESSING THAT OVER YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FUNDAMENTAL PROPERTIES, OR IF THE PROCESSING OF PUBLICITY OR PEDICTION.

 

IF YOUR PERSONAL DATA IS PROCESSED BY US TO OPERATE DIRECT ADVERTISEMENT, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO PROCESS PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE THE CONTRADICTION AS DESCRIBED ABOVE.

 

If you exercise your right to object, we will stop processing the data concerned for direct marketing purposes.

 

13) Duration of storage of personal data

 

The duration of the storage of personal data is measured on the basis of the respective legal basis, the purpose of processing and - if relevant - also on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).

 

When processing personal data based on an express consent in accordance with Art. 6 Para. 1 lit. a GDPR, this data is stored until the data subject withdraws their consent.

 

Are there legal retention periods for data that is part of legal or similar legal obligations on the basis of Art. 6 para. 1 lit. b GDPR are processed, this data will be routinely deleted after the retention periods have expired, provided that they are no longer required for contract fulfillment or contract initiation and / or if we have no legitimate interest in further storage.

 

When processing personal data on the basis of Art. 6 Para. 1 lit. f GDPR, this data is stored until the data subject exercises his right to object pursuant to Art. 21 Para. 1 GDPR, unless we can demonstrate compelling legitimate reasons for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

 

When processing personal data for the purpose of direct advertising on the basis of Art. 6 para. 1 lit. f GDPR, this data is stored until the data subject exercises his right to object pursuant to Art. 21 Para. 2 GDPR.

 

Unless otherwise stated in the other information in this declaration on specific processing situations, stored personal data will be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.

 

We attach great importance to absolute transparency! Responsible handling of your data is a matter of course for us. If you have any questions or other topics, please do not hesitate to contact us at hello@viamontis.de or by phone at +49 174 9094117 or using the contact details of our data protection officer.

 

Your Viamontis Team