Data protection | BayrischKraut
Data protection
scope
This privacy policy is intended to inform the users of this website in accordance with the Federal Data Protection Act and the Telemedia Act about the type, scope and purpose of the collection and use of personal data by the website operator Bayrisch Kraut.
The website operator takes your data protection very seriously and treats your personal data confidentially and in accordance with the statutory provisions.
Please remember that data transmission over the Internet can always be subject to security gaps. Complete protection against access by strangers is not possible.
Access data
The website operator or site provider collects data about access to the site and saves it as “server log files”. The following data is logged in this way:
- Visited website
- Time of access
- Amount of data sent in bytes
- Source/reference from which you came to the page
- Browser used
- Operating system used
- IP address used
The data collected is only used for statistical evaluations and to improve the website. However, the website operator reserves the right to subsequently check the server log files if there are concrete indications of illegal use.
Cookies
This website uses "cookies". These are small text files that are stored on your device. Your browser accesses these files. The use of cookies increases the user-friendliness and security of this website. Further information can be found at http://www.allaboutcookies.org .
"Web beacons," "tags," and "pixels" are electronic files that collect information about how you navigate the Site.
Common browsers offer the option to not accept cookies etc. Note: There is no guarantee that you will be able to access all functions of this website without restrictions if you make the appropriate settings.
Handling personal data
The website operator collects, uses and passes on your personal data only if this is permitted by law or if you consent to the data collection.
Personal data is all information that can be used to identify you and that can be traced back to you – for example, your name, email address and telephone number.
user account
In order to be able to place orders via this offer, every customer can set up a password-protected customer account. This contains an overview of orders placed and active order processes. If you as a customer leave the online shop, you will be automatically logged out after a short time.
The operator assumes no liability for password misuse unless it was caused by the operator himself.
These regulations are not relevant for quick checkout processes of any kind.
Ordering process
All data entered by customers during order processing is stored. This includes:
- Name first Name
- address
- Payment details
- E-mail address
The data that is absolutely necessary for delivery or order processing will be passed on to third-party service providers. As soon as the storage of your data is no longer necessary or required by law, it will be deleted.
Handling contact data
If you contact the website operator using the contact options provided, your details will be saved so that they can be used to process and answer your request. We share your personal data with third parties who help us use your personal data as described above. For example, we use Shopify to operate our online shop. You can find more information about how Shopify uses your personal data here: https://www.shopify.com/legal/privacy
Dealing with comments and posts
If you leave a post or comment on this website, your IP address will be saved. This is for the security of the website operator: if your text violates the law, he would like to be able to trace your identity.
Subscriptions
You have the option of subscribing to the entire website as well as follow-up comments on your post. You will receive an email to confirm your email address. No other data will be collected apart from this. The stored data will not be passed on to third parties. You can cancel a subscription at any time.
PayPal
We offer the option of processing the payment transaction via the payment service provider PayPal (PayPal (Europe) S.à.rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg). This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 Para. 1 lit. f GDPR). In this context, we pass on the following data to PayPal insofar as it is necessary for the performance of the contract (Art. 6 Para. 1 lit. b. GDPR).
First name
Last name
address
E-mail address
Telephone number
The processing of the data specified in this section is neither required by law nor by contract. Without the transmission of your personal data, we cannot process a payment via PayPal. [You have the option of choosing a different payment method.]
PayPal carries out a credit check for various services such as payment by direct debit in order to ensure your willingness and ability to pay. This corresponds to PayPal's legitimate interest (according to Art. 6 Para. 1 lit. f GDPR) and serves the purpose of executing the contract (according to Art. 6 Para. 1 lit. b GDPR). For this purpose, your data (name, address and date of birth, bank account details) are passed on to credit agencies. We have no influence on this process and only receive the result of whether the payment was made or rejected or whether a review is pending.
Further information on objection and removal options with PayPal can be found at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full
Your data will be stored until the payment is processed. This also includes the period required to process refunds, debt collection and fraud prevention. [According to [§ 147 AO / § 257 HGB], a statutory retention period of [10] years applies to us for the following documents: invoices, receipts, payment information]
technical advice
It should be checked whether log files are created from PayPal events, which may contain personal data in plain text.
Legal Notice
No order processing according to Art. 28 GDPR
PayPal is not a processor within the meaning of Art. 4 No. 8 GDPR. It has its own responsibility. ( https://www.lda.bayern.de/media/FAQ_Abgrenzung_Auftragsverarbeitung.pdf )
Google Analytics
This website uses the "Google Analytics" service, which is offered by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA), to analyze website usage by users. The service uses "cookies" - text files that are stored on your device. The information collected by the cookies is usually sent to a Google server in the USA and stored there.
IP anonymization is used on this website. The IP address of users is shortened within the member states of the EU and the European Economic Area. This shortening means that your IP address is no longer personally identifiable. As part of the data processing agreement that the website operators have concluded with Google Inc., Google uses the information collected to evaluate website usage and website activity and to provide services related to internet usage.
You have the option of preventing cookies from being saved on your device by selecting the appropriate settings in your browser. There is no guarantee that you will be able to access all functions of this website without restrictions if your browser does not accept cookies.
Furthermore, you can use a browser plug-in to prevent the information collected by cookies (including your IP address) from being sent to and used by Google Inc. The following link takes you to the corresponding plug-in: https://tools.google.com/dlpage/gaoptout?hl=de
Alternatively, you can prevent Google Analytics from collecting data about you on this website by clicking on this link. By clicking on the link above, you will download an "opt-out cookie". Your browser must therefore generally allow cookies to be saved. If you delete your cookies regularly, you will need to click on the link again each time you visit this website.
You can find further information on data usage by Google Inc. here: https://support.google.com/analytics/answer/6004245?hl=de
Use of social media plugins
This website uses Facebook Social Plugins, which are operated by Facebook Inc. (1 Hacker Way, Menlo Park, California 94025, USA). The integrations can be recognized by the Facebook logo or the terms "Like", "Share" in the Facebook colors (blue and white). Information about all Facebook plugins can be found in the following link: https://developers.facebook.com/docs/plugins/
The plugin establishes a direct connection between your browser and the Facebook servers. The website operator has no influence on the nature and extent of the data that the plugin transmits to the Facebook Inc. servers. Information about this can be found here: https://www.facebook.com/help/186325668085084
The plugin informs Facebook Inc. that you, the user, have visited this website. There is a possibility that your IP address will be saved. If you are logged into your Facebook account while visiting this website, the information mentioned above will be linked to it.
If you use the functions of the plugin – for example by sharing or “liking” a post – the corresponding information will also be transmitted to Facebook Inc.
If you would like to prevent Facebook Inc. from linking this data to your Facebook account, please log out of Facebook before visiting this website.
This website also uses the "+1" button from Google Plus. This is operated by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). If you visit a page that contains the "+1" button, a direct connection is established between your browser and the Google servers. The website operator therefore has no influence on the nature and extent of the data that the plugin transmits to the Google Inc. servers. If you click on the "+1" button while you are logged into Google +, you share the content of the page on your public profile.
According to Google Inc., personal data is only collected when you click on the button. The IP address is also stored for logged-in Google users. If you would like to prevent Google Inc. from storing this data and linking it to your account, please log out before visiting this website.
Information about the “+1” button can be found here: https://developers.google.com/+/web/buttons-policy
This website also uses Twitter buttons. These are operated by Twitter Inc. (795 Folsom St., Suite 600, San Francisco, CA 94107, USA). If you visit a page that contains such a button, a direct connection is established between your browser and the Twitter servers. The website operator therefore has no influence over the nature and extent of the data that the plug-in transmits to the Twitter Inc. servers.
According to Twitter Inc., only your IP address is collected and stored.
Information on how Twitter Inc. handles personal data can be found here: https://twitter.com/privacy?lang=de
Facebook Pixel
This website uses the Facebook visitor action pixel to measure conversions. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.
This allows the behavior of site visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.
The data collected is anonymous to us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook data usage policy. This enables Facebook to enable advertisements to be placed on Facebook pages and outside of Facebook. We as the website operator cannot influence this use of the data.
The use of Facebook Pixel is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in effective advertising measures, including social media. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR; the consent can be revoked at any time.
You can find further information on protecting your privacy in Facebook’s privacy policy: https://de-de.facebook.com/about/privacy/ .
You can also deactivate the “Custom Audiences” remarketing function in the Ad Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen . You must be logged in to Facebook to do this.
If you do not have a Facebook account, you can deactivate usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/
Newsletter subscription
The website operator offers you a newsletter in which he informs you about current events and offers. If you would like to subscribe to the newsletter, you must provide a valid email address.
User rights: information, correction and deletion
As a user, you will receive information about which personal data has been stored about you free of charge upon request. Provided your request does not conflict with a legal obligation to store data (e.g. data retention), you have the right to correct incorrect data and to block or delete your personal data.
In addition, you can opt out of some of these services through the Digital Advertising Alliance opt-out portal: http://optout.aboutads.info/
"Do not Track"
Please note that we do not alter our website's data collection and use practices when we receive a "Do Not Track" signal from your browser.
If you are a European resident, you have the right to access the personal information we hold about you and to request that it be corrected, updated, or deleted free of charge. If you wish to exercise this right, please contact us using the contact details below.
Additionally, if you are a European resident, we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site) or to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
Data retention
When you place an order through the Site, we will retain your order information for our records unless you ask us to delete this information.
Bayrisch Kraut UG Meisenweg 2, Vaterstetten, Bavaria, 85591, Germany (as of January/24)