We take the
protection of your personal data seriously and adhere to the rules of the
applicable data protection laws, in particular the EU General Data Protection
Regulation (EU-GDPR) and the Federal Data Protection Act (BDSG), as well as
this privacy policy. We process personal data of our users only insofar as they
are necessary for the provision of a functioning website and our content,
services, offers etc.
Personal data is any information that relates to an identified or identifiable
natural person.
The privacy policy gives you an overview of what kind of personal data is being
processed and for what purpose. In addition, this Privacy Policy explains how
we protect the privacy of your personal information.
1. Name and
contact details of the controller
This privacy policy applies to data processing by:
Responsible:
SAUNA UNIVERSE UG
Represented by the general manager
Frau Viktorija Bucelyte- Kacerauskiene
Gießener Str. 19
35435 Wettenberg
Germany
Telephone: 015779019933
E-Mail: info@saunahuete.de
VAT No.: DE335659899
listed in the commercial register of the local court Gießen
Commercial register number – Part B of the commercial register – HRB 10267
Phone:
+4915779019933
Email: info@saunahuete.de
Website: www.saunahuete.de
2.
Collection and storage of personal data as well as the nature and purpose of
their use
a) When visiting our website
You can visit our website www.saunahuete.de without having to provide us with
any information about you (who you are).
In the case of such purely informative use of our website, that is, if you do not register or otherwise provide us with information about yourself, we will only collect the personal data that your browser transmits to our server. When you visit our website www.saunahuete.de, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automated deletion: • IP address of the requesting computer, • date and time of access, • Name and URL of the retrieved file, • Website from which access is made (referrer URL), • browser used and, if applicable, the operating system of your computer as well as the name of your access provider, language and version of the browser software The data mentioned are processed by us for the following purposes: • ensuring a smooth connection of the website, • ensuring comfortable use of our website, • Evaluation of system security and stability as well • for further administrative purposes. The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f) EU GDPR. Our legitimate interest follows from the data collection purposes listed above. In no case we use the collected data for the purpose of drawing conclusions about you. b) When using our webshop When using our webshop, e.g. By submitting your offers, by accepting our offers, by registering or by other means of communication, we will process the personal data you provide solely for the purpose of initiating the contract or fulfillment of the contract.
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b) EU GDPR. According to this, data processing is required to conclude or fulfill a contract of which the data subject is a party or to carry out pre-contractual measures which are carried out at the request of the data subject. When using our webshop, the following personal data will be processed by us: • First and last name (company: company) • Address • Telephone number (landline number and / or mobile number) • fax number (only if available) • E-mail address • IBAN (only if required to process payments) • credit card number plus check digit (only if required to process payments) The processing of this data is carried out for the purpose of fulfilling the contractual obligations, in particular for sending the goods, to process the payment incl. Invoicing, to process any warranty claims and to any related correspondence with you. You may also voluntarily create a customer account where we may store your personal information for later purchases. When an account is created under “My Account”, the data you provide there will be revocable stored. All other data, including your user account, you can always delete in the customer area. c) By using our contact form In order to be able to send us your questions, comments, comments, etc., we have provided a contact form on the website. In order to use it, your e-mail address and name are mandatory so that we know who to respond to; You can voluntarily provide further information. The legal basis for data processing is your voluntarily granted consent (Article 6 (1) sentence 1 (a) EU GDPR).
The personal data collected by us for the use of the contact form will be deleted after completion of the request made by you. e) processing based on legitimate interests As far as this is necessary for our business purposes, we process your data – apart from the contract initiation or fulfillment as well as an expressly granted consent – for the protection of legitimate interests of our company, unless a balance in the individual case shows that your legitimate rights and Fundamental freedoms that require the protection of personal data predominate (see Article 6 (1) (f) EU GDPR). Our legitimate interests include: • Direct mail, unless you have objected to the use of your personal information. 3. Disclosure of data to third parties A transfer of your personal data to third parties for purposes other than those listed below does not take place. In particular, without your express consent, no disclosure to third parties, e.g. for advertising purposes. We only share your personal information with third parties if: • You yours according to Art. 6 para. 1 sentence 1 lit. a) have granted EU-DSGVO explicit consent; • this according to Art. 6 para. 1 sentence 1 lit. b) EU GDPR is required for the settlement of contractual relationships with you, e.g. to credit institutions for processing the contractually agreed payments, to shipping and transport companies for the purpose of transporting goods, including tracking consignments, in the event of non-fulfillment of contractually agreed payments for law enforcement and legal services companies; • in the event that disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c) EU GDPR is a legal obligation; or • disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f) EU GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data.
4. Storage duration and data deletion Your personal data will in particular be deleted as soon as they are no longer necessary for the purposes for which they were collected or otherwise processed. Thereafter, the data will be erased unless the storage is necessary to fulfill a legal obligation that requires processing under Union or Member State law to which the controller is subject or for the purpose of enforcing, pursuing or defending legal claims. A legal obligation is the legal storage obligations, e.g. 10 years (for accounting data incl. Order and payment data, payroll accounting) or 6 years (for commercial correspondence). During the period of retention, the data will be blocked, after which the deletion will take place. 5. Affected rights You have the right, • according to Art. 7 (3) EU-GDPR, to revoke your once given consent to us at any time. As a result, we are not allowed to continue the data processing based on this consent for the future. The legality of the data processing carried out until the revocation remains unaffected by your revocation; • to request information about your personal data processed by us according to Art. 15 EU-GDPR. Here you can find out about the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed or the planned storage period, the right of rectification, deletion, limitation of processing or opposition, the existence of a The right to complain, the source of their data, if not collected from us, and the existence of automated decision-making including profiling and, where appropriate, meaningful information about their details;
• in accordance with Art. 16 EU-GDPR, immediately demand the correction of incorrect or completed personal data stored by us; • to demand the deletion of your personal data stored with us, according to Art. 17 EU-GDPR, as far as the processing for the exercise of the right to freedom of expression and information, to fulfill a legal obligation, for reasons of the public interest or for the assertion, exercise or Defense of legal rights is required; • to demand the restriction of the processing of your personal data in accordance with Art. 18 EU-GDPR, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject their deletion and we no longer need the data, but you have the Asserting, exercising or defending legal claims or you have objected to the processing in accordance with Art. 21 GDPR; • to receive, in accordance with Art. 20 EU-GDPR, your personal data provided to us in a structured, standard and machine-readable format or to request the transfer to another person responsible; • to complain to a supervisory authority in accordance with Art. 77 EU-GDPR. The competent supervisory authority is the state data protection officer of the federal state in which our company is based. An overview of the state data protection officers together with their contact details is available at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html. 6. Right to object If your personal data are based on legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f) EU GDPR, you have the right, in accordance with Art. 21 GDPR objection to the processing of your personal data, as far as there are reasons for this arising from your particular situation. In the case of your justified objection, we examine the situation and will either discontinue or adapt the data processing or point out to you our compelling legitimate reasons on which we continue the processing. If your personal data is processed by us in order to operate direct mail, you have the right to object to the processing of your personal data for the purpose of direct mail advertising at any time. 7. Data security We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments. We also use SSL or TLS encryption (SSL = Secure Sockets Layer, TLS = TLS) in your website visit. Whether a single page of our website is transmitted in encrypted form is indicated by the browser’s address bar changing from “http: //” to “https: //” and the lock icon in your browser bar. If you enable SSL or TLS encryption, data that you send to us can not be read by third parties. Due to technical developments and / or changed legal or regulatory requirements, it may be necessary to change this privacy policy. If changes have been made, you can tell by the fact that in the first paragraph of this section 8. the “status” of the document has been updated. The current privacy policy can be viewed and printed by you at any time on our website at +4915779019933.