Privacy Policy
Privacy Policy
Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor is it necessary for entering into a contract. You are not obligated to provide the data. Failure to provide it will have no consequences. This applies only insofar as no other information is provided in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.
contact
Responsible
Please contact us if you wish. The data controller is: Honest Water GmbH, Salvatorplatz 3, 80333 Munich , Germany, +4915142396352, info@raaaw.com
Customer initiates contact via email
If you contact us proactively via email, we collect your personal data (name, email address, message text) only to the extent that you provide it. This data processing serves the purpose of processing and responding to your contact request.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., providing advice on purchase interest, preparing an offer) or relates to a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If you contact us for other reasons, this data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in processing and responding to your inquiry. In this case, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
We will only use your email address to process your request. Your data will then be deleted in accordance with statutory retention periods, unless you have consented to further processing and use.
Data collection and processing when using the contact form
When you use the contact form, we collect your personal data (name, email address, message text) only to the extent that you provide it. The data is processed for the purpose of contacting you.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., providing advice on purchase interest, preparing an offer) or relates to a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If you contact us for other reasons, this data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in processing and responding to your inquiry. In this case, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
We will only use your email address to process your request. Your data will then be deleted in accordance with statutory retention periods, unless you have consented to further processing and use.
WhatsApp Business
If you contact us for business purposes via WhatsApp, we use the WhatsApp Business version provided by WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “WhatsApp”). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and respond to your contact request. For this purpose, we collect and process your mobile phone number registered with WhatsApp, your name if provided, and other data to the extent you have made it available. We use a mobile device for this service whose address book contains only data from users who have contacted us via WhatsApp. Therefore, no personal data is shared with WhatsApp without your prior consent to this.
Your data will be transferred by WhatsApp to servers of Meta Platforms Inc. in the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. is certified under the TADPF and has thus committed to complying with European data protection principles. If the contact is for the purpose of carrying out pre-contractual measures (e.g., providing advice regarding a potential purchase, preparing a quote) or relates to a contract already concluded between you and us, this data processing is based on Article 6(1)(b) GDPR.
If contact is made for other reasons, this data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in providing quick and easy contact options and responding to your inquiry. In this case, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
We use your personal data only to process your request. Your data will then be deleted in accordance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of service and data protection when using WhatsApp can be found athttps://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy .
Customer account Orders
Customer account
When you open a customer account, we collect your personal data to the extent specified there. This data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is based on Article 6(1)(a) GDPR with your consent. You can withdraw your consent at any time by notifying us, without affecting the lawfulness of the processing carried out based on the consent before its withdrawal. Your customer account will then be deleted.
Reviews Advertising
Using Judge.me
We use the "Judge.me" rating system from Judge.me Ltd (c/o Buckworths 2nd Floor, 1-3 Worship Street, London, England, EC2A 2AB; "Judge.me") on our website.
Judge.me allows us to collect customer reviews and display them on our website to give you an insight into the quality of our services.
After placing an order, you may receive an invitation from us or Judge.me to submit a review, which you can then do. The following data may be processed by us or Judge.me: email address, name, telephone number, address, information about your device (IP address, information about your web browser and operating system), information about the purchased product or service (order number, product details), the content of your review and the star rating you gave, and your product photos or videos (if you attached them to your product review). This data may also be used to verify your review.
Judge.me uses technologies such as cookies.
Your data may be transferred outside the EU to the United Kingdom. The EU Commission has issued an adequacy decision for the United Kingdom.
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Judge.me is not certified under the TADPF. This data transfer is based on specific agreements approved for use in the United Kingdom, which offer the same level of protection as personal data in the United Kingdom.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR, provided you have expressly consented to the transfer of your data and the receipt of the review request. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out based on your consent before its withdrawal.
Further information on data protection when using Judge.me can be found at: https://judge.me/privacy .
Use of the email address for sending newsletters
We use your email address to send you information and offers via newsletter, provided you have expressly consented to this. The data processing serves solely the purpose of promotional communication. For this purpose, we process your email address and, if applicable, other data that you voluntarily provided when subscribing to our newsletter.
The processing is based on Article 6(1)(a) GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out based on the consent before its withdrawal.
You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the mailing list. Despite removal from the mailing list, we may still store your email address on a so-called blacklist to prevent you from receiving newsletter emails from us in the future. This storage is based on Article 6 Paragraph 1 Letter f GDPR, due to our and your legitimate interest in preventing the reuse of your email address for sending our newsletter. You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you.
Using Brevo (formerly Sendinblue)
We use the service of Sendinblue GmbH (Köpenicker Straße 126, 10179 Berlin; “Brevo”) for sending newsletters as part of a data processing agreement.
We forward the information you provide during newsletter registration (email address, and optionally first and last name) to Brevo. This data processing serves the purpose of sending the newsletter and its statistical evaluation.
To evaluate newsletter campaigns, the email newsletters we send contain a 1x1 pixel graphic (tracking pixel) and/or a tracking link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any embedded links. In this context, your personal data, such as your IP address, browser type and device, and the time you opened the newsletter, may also be collected. Usage profiles can be created from this data under a pseudonym. The collected data will not be used to personally identify you. It will only be used for statistical analysis to improve our newsletter campaigns.
Your personal data is processed on the basis of Article 6(1)(f) GDPR, based on our overriding legitimate interest in a targeted, effective, and user-friendly newsletter system. You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you.
Further information and Brevo's privacy policy can be found at: https://www.brevo.com/de/legal/privacypolicy/ .
Use of mobile phone number for sending SMS advertising
We use your mobile phone number, independently of the contract processing, exclusively for our own advertising purposes to send SMS advertising, provided you have expressly agreed to this.
The processing of your data is based on Article 6(1)(a) GDPR with your consent. You can withdraw your consent at any time by notifying us, without affecting the lawfulness of the processing carried out based on your consent before its withdrawal. Your mobile phone number will then be removed from the mailing list.
Your mobile phone number will be passed on to a service provider for SMS sending as part of order processing.
Using PayPal Express
We use the PayPal Express payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of offering you payment via the PayPal Express payment service. To integrate this payment service, it is necessary for PayPal to collect, store, and analyze data (e.g., IP address, device type, operating system, browser type, location of your device) when you access the website. Cookies may also be used for this purpose. These cookies enable the recognition of your browser.
Your personal data is processed on the basis of Article 6(1)(f) GDPR, based on our overriding legitimate interest in offering a customer-oriented range of payment methods. You have the right to object to this processing of your personal data at any time, on grounds relating to your particular situation.
By selecting and using PayPal Express, the data required for payment processing will be transmitted to PayPal in order to fulfill the contract with you using the chosen payment method. This processing is based on Article 6 Paragraph 1 Letter b GDPR. Further information on data processing when using the PayPal Express payment service can be found in the corresponding privacy policy at www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS .
Using PayPal Checkout
We use the PayPal Checkout payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of offering you the option of paying via this service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal, or "Pay Later" via PayPal, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing is based on Article 6(1)(b) GDPR.
Cookies may be stored that allow your browser to be recognized. The resulting data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in offering a customer-oriented range of payment methods. You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you.
Credit card via PayPal, direct debit via PayPal & "Pay later" via PayPal
For certain payment methods, such as credit card via PayPal, direct debit via PayPal, or "Pay Later" via PayPal, PayPal reserves the right to obtain a credit report based on mathematical-statistical methods using credit reference agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit reference agency and uses the information received about the statistical probability of payment default to make a balanced decision regarding the establishment, execution, or termination of the contractual relationship. The credit report may include probability values (score values) calculated using scientifically recognized mathematical-statistical methods, which may incorporate address data, among other factors. Your legitimate interests are protected in accordance with legal regulations. The data processing serves the purpose of credit assessment for initiating a contract. This processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in protecting against payment defaults when PayPal provides services in advance.
You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data based on Article 6(1)(f) GDPR by notifying PayPal. Providing this data is necessary for concluding the contract with your chosen payment method. Failure to provide this data will result in the contract not being able to be concluded with your chosen payment method.
Third-party providers
When paying via a third-party payment method, the data required for payment processing is transmitted to PayPal. This processing is based on Article 6(1)(b) GDPR. To process this payment method, PayPal may then forward the data to the respective provider. This processing is also based on Article 6(1)(b) GDPR. Local third-party providers may include, for example:
Purchase on account via PayPal
When paying via invoice, the data required for payment processing is initially transmitted to PayPal. To process this payment method, PayPal then transmits the data to Ratepay GmbH (Franklinstrasse 28-29, 10587 Berlin; "Ratepay") in order to fulfill the contract with you using the selected payment method. This processing is based on Article 6 Paragraph 1 Letter b GDPR. Ratepay may conduct a credit check using mathematical-statistical methods (probability or score values) with credit agencies, following the procedure described above. The data processing serves the purpose of credit assessment for initiating a contract. This processing is based on Article 6 Paragraph 1 Letter f GDPR, due to our overriding legitimate interest in protecting against payment defaults when Ratepay provides services in advance. Further information on data protection and which credit agencies Ratpay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/ .
Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full .
Cookies
Our website uses cookies. Cookies are small text files that are stored in or by the internet browser on a user's computer system. When a user visits a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that enables the browser to be uniquely identified when the website is visited again.
Plug-ins and other
Use of social plug-ins
We use social network plugins on our website. The integration of social plugins and the associated data processing serve the purpose of optimizing advertising for our products.
When social plugins are integrated, a connection is established between your computer and the servers of the social network provider. The plugin is then displayed on the page by sending a message to your browser, provided you have explicitly consented to this. In this process, both your IP address and information about which of our pages you have visited are transmitted to the provider's servers. This applies regardless of whether you are registered with or logged into the social network. Even unregistered or logged-out users are subject to this transmission. If you are simultaneously connected to one or more of your social network accounts, the collected information can also be associated with your corresponding profiles. When you use the plugin functions (e.g., by clicking the button), this information is also associated with your user account. You can prevent this association by logging out of your social media accounts before visiting our website and before activating the buttons.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
The social networks listed below are integrated into our website via social plugins. Further information on the scope and purpose of data collection and use, as well as your related rights and options for protecting your privacy, can be found in the linked privacy policies of the providers.
Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Meta Platforms Ireland and we are jointly responsible for the collection of your data and its transfer to Facebook when you use this service. This is based on an agreement between us and Meta Platforms Ireland regarding the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum . Specifically, we are responsible for fulfilling the information obligations under Articles 13 and 14 of the GDPR, for complying with the security requirements of Article 32 of the GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Articles 33 and 34 of the GDPR insofar as a personal data breach affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the data subject rights in accordance with Articles 15-20 GDPR, complying with the security requirements of Article 32 GDPR with regard to the security of the service, and fulfilling the obligations under Articles 33 and 34 GDPR insofar as a personal data breach affects Meta Platforms Ireland's obligations under the joint processing agreement.
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
Further information on the collection and use of data by Facebook, your related rights and options for protecting your privacy can be found in Facebook's privacy policy at https://www.facebook.com/about/privacy/ .
LinkedIn ( LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland )
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn is certified under the TADPF and has therefore committed to complying with European data protection principles.
We use social network plugins on our website. To ensure you retain control over your data, we use the privacy-friendly "Shariff" buttons.
Without your explicit consent, no links to the servers of the social networks will be established and consequently no data will be transmitted.
"Shariff" is a development by the specialists at the computer magazine c't. It enables greater privacy online and replaces the usual "Share" buttons of social networks. More information about the Shariff project can be found here: https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html
When you click the buttons, a pop-up window will appear where you can log in to the respective provider with your credentials. A direct connection to the social networks will only be established after you have actively logged in.
By logging in, you consent to the transfer of your data to the respective social media provider. This includes, among other things, the transmission of your IP address and information about which of our pages you have visited. If you are simultaneously logged into one or more of your social network accounts, the collected information will also be associated with your corresponding profiles. You can only prevent this association by logging out of your social media accounts before visiting our website and before activating the buttons. The social networks listed below are integrated using the "Shariff" function.
Further information on the scope and purpose of the collection and use of data, as well as your related rights and options for protecting your privacy, can be found in the linked privacy policies of the providers.
Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://www.facebook.com/policy.php
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland) https://help.instagram.com/155833707900388 .
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
LinkedIn ( LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland )
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn is certified under the TADPF and has therefore committed to complying with European data protection principles.
Using social plug-ins via the "2-click solution"
We use social network plugins on our website via the "2-click solution". This means that no connection to the social network servers is established and consequently no data is transmitted without your explicit consent.
When plugins are integrated in the standard way, a connection is established between your computer and the servers of the social network provider when you visit pages on our website that contain such a plugin. The plugin is then displayed on the page by sending a message to your browser. In this process, both your IP address and information about which of our pages you have visited are transmitted to the provider's servers. This applies regardless of whether you are registered with or logged into the social network. Even unregistered or logged-out users are subject to this transmission. If you are also logged into the Facebook social network, this information will be associated with your personal user account. When you use the plugin functions (e.g., by clicking the button), this information will also be associated with your user account, which you can only prevent by logging out before using the plugin. To ensure you retain control over your data, we have decided to initially deactivate the corresponding button. You can recognize this by the grayed-out button. Without your explicit consent – in the form of activating the button – no connection to the social network's server will be established and consequently no data will be transmitted.
Only when you activate the button will it become active (highlighted in color) and a direct connection to the social network's servers will be established.
By activating this feature, you consent to the transfer of your data to the respective social network provider. This includes, among other things, the transmission of your IP address and information about which of our pages you have visited. If you are simultaneously logged into one or more of your social network accounts, the collected information will also be associated with your corresponding profiles. You can only prevent this association by logging out of your social network accounts before visiting our website and before activating the buttons.
The social networks listed below are integrated using the "2-click function". Further information on the scope and purpose of data collection and use, as well as your related rights and options for protecting your privacy, can be found in the linked privacy policies of the providers.
Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://www.facebook.com/policy.php
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
http://instagram.com/legal/privacy/
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
LinkedIn ( LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ):
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn is certified under the TADPF and has therefore committed to complying with European data protection principles.
We use the Google Maps embedding function on our website, provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, "Google").
This function enables the visual display of geographical information and interactive maps. When pages containing embedded Google Maps are accessed, Google also collects, processes, and uses data from website visitors.
Your data may also be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has therefore committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on the collection and use of data by Google can be found in Google's privacy policy at https://www.google.com/privacypolicy.html . There, in the Privacy Center, you also have the option to change your settings so that you can manage and protect your data processed by Google.
Using YouTube
We use the YouTube video embedding function on our website, provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “YouTube”). YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
This feature displays videos hosted on YouTube within an iFrame on the website. The "Enhanced Privacy Mode" option is enabled. This means that YouTube does not store any information about website visitors. Information is only transmitted to and stored by YouTube when you actually watch a video. Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself under the TADPF and has therefore committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on the collection and use of data by YouTube and Google, your related rights and options for protecting your privacy can be found in YouTube's privacy policy at https://www.youtube.com/t/privacy .
Integration of the Händlerbund member logo
Our website features the Händlerbund member logo (Händlerbund eV, Kohlgartenstraße 11-13, 04315 Leipzig). When you access our website, your browser automatically sends information to the Händlerbund eV server. This information is temporarily stored in a server log file for 7 days. The following information is collected automatically and stored until it is automatically deleted:
Data subject rights and storage period
Storage duration
After complete contract fulfillment, the data will initially be stored for the duration of the warranty period, then taking into account legal, in particular tax and commercial law retention periods, and then deleted after the expiry of the period, unless you have consented to further processing and use.
Rights of the data subject
Provided the legal requirements are met, you have the following rights under Articles 15 to 20 GDPR: right of access, right to rectification, right to erasure, right to restriction of processing, right to data portability.
Furthermore, pursuant to Article 21 Paragraph 1 GDPR, you have the right to object to processing based on Article 6 Paragraph 1 f GDPR, as well as to processing for direct marketing purposes.
Right to lodge a complaint with the supervisory authority
According to Article 77 of the GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data is unlawful.
You can lodge a complaint with the supervisory authority responsible for us, which you can reach using the following contact details:
Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18
91522 Ansbach
Tel.: +49 981 1800930
Fax: +49 981 180093800
Email: poststelle@lda.bayern.de
Right to object
If the processing of personal data listed here is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, you have the right to object to this processing at any time with effect for the future on grounds relating to your particular situation.
After an objection has been lodged, the processing of the data in question will cease, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims.
Last updated: October 22, 2024
Unless otherwise stated below, the provision of your personal data is neither legally nor contractually required, nor is it necessary for entering into a contract. You are not obligated to provide the data. Failure to provide it will have no consequences. This applies only insofar as no other information is provided in the following processing operations.
"Personal data" means any information relating to an identified or identifiable natural person.
Server log files
You can visit our websites without providing any personal information.
Each time you access our website, your internet browser transmits usage data to us or our web host/IT service provider, which is then stored in log files (server log files). This stored data includes, for example, the name of the page accessed, the date and time of access, the IP address, the amount of data transferred, and the requesting provider.
The processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the smooth operation of our website and improving our services.
Your data may be transferred to and processed in third countries outside the EU, in particular Canada and the USA. The EU Commission has issued an adequacy decision for Canada. The EU Commission has also issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to the EU Commission's Standard Contractual Clauses.The processing is based on Art. 6 para. 1 lit. f GDPR due to our overriding legitimate interest in ensuring the smooth operation of our website and improving our services.
contact
Responsible
Please contact us if you wish. The data controller is: Honest Water GmbH, Salvatorplatz 3, 80333 Munich , Germany, +4915142396352, info@raaaw.com
Customer initiates contact via email
If you contact us proactively via email, we collect your personal data (name, email address, message text) only to the extent that you provide it. This data processing serves the purpose of processing and responding to your contact request.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., providing advice on purchase interest, preparing an offer) or relates to a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If you contact us for other reasons, this data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in processing and responding to your inquiry. In this case, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
We will only use your email address to process your request. Your data will then be deleted in accordance with statutory retention periods, unless you have consented to further processing and use.
Data collection and processing when using the contact form
When you use the contact form, we collect your personal data (name, email address, message text) only to the extent that you provide it. The data is processed for the purpose of contacting you.
If the contact is for the purpose of carrying out pre-contractual measures (e.g., providing advice on purchase interest, preparing an offer) or relates to a contract already concluded between you and us, this data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
If you contact us for other reasons, this data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in processing and responding to your inquiry. In this case, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
We will only use your email address to process your request. Your data will then be deleted in accordance with statutory retention periods, unless you have consented to further processing and use.
WhatsApp Business
If you contact us for business purposes via WhatsApp, we use the WhatsApp Business version provided by WhatsApp Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; “WhatsApp”). If you are located outside the European Economic Area, this service is provided by WhatsApp Inc. (1601 Willow Road, Menlo Park, CA 94025, USA).
The data processing serves to process and respond to your contact request. For this purpose, we collect and process your mobile phone number registered with WhatsApp, your name if provided, and other data to the extent you have made it available. We use a mobile device for this service whose address book contains only data from users who have contacted us via WhatsApp. Therefore, no personal data is shared with WhatsApp without your prior consent to this.
Your data will be transferred by WhatsApp to servers of Meta Platforms Inc. in the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta Platforms Inc. is certified under the TADPF and has thus committed to complying with European data protection principles. If the contact is for the purpose of carrying out pre-contractual measures (e.g., providing advice regarding a potential purchase, preparing a quote) or relates to a contract already concluded between you and us, this data processing is based on Article 6(1)(b) GDPR.
If contact is made for other reasons, this data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in providing quick and easy contact options and responding to your inquiry. In this case, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6(1)(f) GDPR.
We use your personal data only to process your request. Your data will then be deleted in accordance with statutory retention periods, unless you have consented to further processing and use.
Further information on terms of service and data protection when using WhatsApp can be found athttps://www.whatsapp.com/legal/#terms-of-service and https://www.whatsapp.com/legal/#privacy-policy .
Customer account Orders
Customer account
When you open a customer account, we collect your personal data to the extent specified there. This data processing serves the purpose of improving your shopping experience and simplifying order processing. The processing is based on Article 6(1)(a) GDPR with your consent. You can withdraw your consent at any time by notifying us, without affecting the lawfulness of the processing carried out based on the consent before its withdrawal. Your customer account will then be deleted.
Collection, processing and transfer of personal data during orders
When you place an order, we collect and process your personal data only to the extent necessary to fulfill and process your order and to handle your inquiries. Providing this data is necessary for entering into a contract. Failure to provide this data will result in the contract not being concluded. This processing is based on Article 6(1)(b) GDPR and is necessary for the performance of a contract with you.
Your data will be shared with, for example, shipping companies, dropshipping and fulfillment providers, payment service providers, order processing service providers, and IT service providers. In all cases, we strictly adhere to legal requirements. The scope of data transfer is limited to the minimum necessary.
Your data may be transferred to and processed in third countries outside the EU, in particular Canada and the USA. The EU Commission has issued an adequacy decision for Canada. The EU Commission has also issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Shopify is not certified under the TADPF. This data transfer is based on contractual obligations comparable to the EU Commission's Standard Contractual Clauses.Reviews Advertising
Using Judge.me
We use the "Judge.me" rating system from Judge.me Ltd (c/o Buckworths 2nd Floor, 1-3 Worship Street, London, England, EC2A 2AB; "Judge.me") on our website.
Judge.me allows us to collect customer reviews and display them on our website to give you an insight into the quality of our services.
After placing an order, you may receive an invitation from us or Judge.me to submit a review, which you can then do. The following data may be processed by us or Judge.me: email address, name, telephone number, address, information about your device (IP address, information about your web browser and operating system), information about the purchased product or service (order number, product details), the content of your review and the star rating you gave, and your product photos or videos (if you attached them to your product review). This data may also be used to verify your review.
Judge.me uses technologies such as cookies.
Your data may be transferred outside the EU to the United Kingdom. The EU Commission has issued an adequacy decision for the United Kingdom.
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Judge.me is not certified under the TADPF. This data transfer is based on specific agreements approved for use in the United Kingdom, which offer the same level of protection as personal data in the United Kingdom.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR, provided you have expressly consented to the transfer of your data and the receipt of the review request. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out based on your consent before its withdrawal.
Further information on data protection when using Judge.me can be found at: https://judge.me/privacy .
Use of the email address for sending newsletters
We use your email address to send you information and offers via newsletter, provided you have expressly consented to this. The data processing serves solely the purpose of promotional communication. For this purpose, we process your email address and, if applicable, other data that you voluntarily provided when subscribing to our newsletter.
The processing is based on Article 6(1)(a) GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of the processing carried out based on the consent before its withdrawal.
You can unsubscribe from the newsletter at any time by using the corresponding link in the newsletter or by notifying us. Your email address will then be removed from the mailing list. Despite removal from the mailing list, we may still store your email address on a so-called blacklist to prevent you from receiving newsletter emails from us in the future. This storage is based on Article 6 Paragraph 1 Letter f GDPR, due to our and your legitimate interest in preventing the reuse of your email address for sending our newsletter. You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you.
Using Brevo (formerly Sendinblue)
We use the service of Sendinblue GmbH (Köpenicker Straße 126, 10179 Berlin; “Brevo”) for sending newsletters as part of a data processing agreement.
We forward the information you provide during newsletter registration (email address, and optionally first and last name) to Brevo. This data processing serves the purpose of sending the newsletter and its statistical evaluation.
To evaluate newsletter campaigns, the email newsletters we send contain a 1x1 pixel graphic (tracking pixel) and/or a tracking link. This allows us to determine whether you have opened the newsletter and whether you have clicked on any embedded links. In this context, your personal data, such as your IP address, browser type and device, and the time you opened the newsletter, may also be collected. Usage profiles can be created from this data under a pseudonym. The collected data will not be used to personally identify you. It will only be used for statistical analysis to improve our newsletter campaigns.
Your personal data is processed on the basis of Article 6(1)(f) GDPR, based on our overriding legitimate interest in a targeted, effective, and user-friendly newsletter system. You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you.
Further information and Brevo's privacy policy can be found at: https://www.brevo.com/de/legal/privacypolicy/ .
Use of mobile phone number for sending SMS advertising
We use your mobile phone number, independently of the contract processing, exclusively for our own advertising purposes to send SMS advertising, provided you have expressly agreed to this.
The processing of your data is based on Article 6(1)(a) GDPR with your consent. You can withdraw your consent at any time by notifying us, without affecting the lawfulness of the processing carried out based on your consent before its withdrawal. Your mobile phone number will then be removed from the mailing list.
Your mobile phone number will be passed on to a service provider for SMS sending as part of order processing.
Use of email address for availability notifications
We offer a stock availability notification service on our website. If an item is temporarily unavailable, you can enter your email address on the respective product page and be notified by email when it becomes available, provided you have consented to this. You will receive a one-time email notification when the item is available. This processing is based on Article 6(1)(a) of the GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. You can unsubscribe from the availability notification at any time by contacting us. Your email address will then be removed from the mailing list.
Payment service providerWe offer a stock availability notification service on our website. If an item is temporarily unavailable, you can enter your email address on the respective product page and be notified by email when it becomes available, provided you have consented to this. You will receive a one-time email notification when the item is available. This processing is based on Article 6(1)(a) of the GDPR with your consent. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. You can unsubscribe from the availability notification at any time by contacting us. Your email address will then be removed from the mailing list.
Using PayPal Express
We use the PayPal Express payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of offering you payment via the PayPal Express payment service. To integrate this payment service, it is necessary for PayPal to collect, store, and analyze data (e.g., IP address, device type, operating system, browser type, location of your device) when you access the website. Cookies may also be used for this purpose. These cookies enable the recognition of your browser.
Your personal data is processed on the basis of Article 6(1)(f) GDPR, based on our overriding legitimate interest in offering a customer-oriented range of payment methods. You have the right to object to this processing of your personal data at any time, on grounds relating to your particular situation.
By selecting and using PayPal Express, the data required for payment processing will be transmitted to PayPal in order to fulfill the contract with you using the chosen payment method. This processing is based on Article 6 Paragraph 1 Letter b GDPR. Further information on data processing when using the PayPal Express payment service can be found in the corresponding privacy policy at www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#Updated_PS .
Using PayPal Checkout
We use the PayPal Checkout payment service from PayPal (Europe) S.à.rl et Cie, SCA (22-24 Boulevard Royal L-2449, Luxembourg; "PayPal") on our website. The data processing serves the purpose of offering you the option of paying via this service. By selecting and using payment via PayPal, credit card via PayPal, direct debit via PayPal, or "Pay Later" via PayPal, the data required for payment processing is transmitted to PayPal in order to fulfill the contract with you using the selected payment method. This processing is based on Article 6(1)(b) GDPR.
Cookies may be stored that allow your browser to be recognized. The resulting data processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in offering a customer-oriented range of payment methods. You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you.
Credit card via PayPal, direct debit via PayPal & "Pay later" via PayPal
For certain payment methods, such as credit card via PayPal, direct debit via PayPal, or "Pay Later" via PayPal, PayPal reserves the right to obtain a credit report based on mathematical-statistical methods using credit reference agencies. For this purpose, PayPal transmits the personal data required for a credit check to a credit reference agency and uses the information received about the statistical probability of payment default to make a balanced decision regarding the establishment, execution, or termination of the contractual relationship. The credit report may include probability values (score values) calculated using scientifically recognized mathematical-statistical methods, which may incorporate address data, among other factors. Your legitimate interests are protected in accordance with legal regulations. The data processing serves the purpose of credit assessment for initiating a contract. This processing is based on Article 6(1)(f) GDPR, due to our overriding legitimate interest in protecting against payment defaults when PayPal provides services in advance.
You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data based on Article 6(1)(f) GDPR by notifying PayPal. Providing this data is necessary for concluding the contract with your chosen payment method. Failure to provide this data will result in the contract not being able to be concluded with your chosen payment method.
Third-party providers
When paying via a third-party payment method, the data required for payment processing is transmitted to PayPal. This processing is based on Article 6(1)(b) GDPR. To process this payment method, PayPal may then forward the data to the respective provider. This processing is also based on Article 6(1)(b) GDPR. Local third-party providers may include, for example:
- Apple Pay (Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland)
- Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland)
Purchase on account via PayPal
When paying via invoice, the data required for payment processing is initially transmitted to PayPal. To process this payment method, PayPal then transmits the data to Ratepay GmbH (Franklinstrasse 28-29, 10587 Berlin; "Ratepay") in order to fulfill the contract with you using the selected payment method. This processing is based on Article 6 Paragraph 1 Letter b GDPR. Ratepay may conduct a credit check using mathematical-statistical methods (probability or score values) with credit agencies, following the procedure described above. The data processing serves the purpose of credit assessment for initiating a contract. This processing is based on Article 6 Paragraph 1 Letter f GDPR, due to our overriding legitimate interest in protecting against payment defaults when Ratepay provides services in advance. Further information on data protection and which credit agencies Ratpay uses can be found at https://www.ratepay.com/legal-payment-dataprivacy/ and https://www.ratepay.com/legal-payment-creditagencies/ .
Further information on data processing when using PayPal can be found in the associated privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full .
Cookies
Our website uses cookies. Cookies are small text files that are stored in or by the internet browser on a user's computer system. When a user visits a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that enables the browser to be uniquely identified when the website is visited again.
Cookies are stored on your computer. Therefore, you have full control over their use. By selecting the appropriate technical settings in your internet browser, you can be notified before cookies are set and decide individually whether to accept them, as well as prevent the storage of cookies and the transmission of the data they contain. Cookies that have already been stored can be deleted at any time. However, please note that you may then not be able to fully utilize all the functions of this website.
The links below provide information on how to manage (including disable) cookies in the most common browsers:
Chrome: https://support.google.com/accounts/answer/61416?hl=de
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-lB6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablassen
Technically necessary cookies
Unless otherwise stated in the privacy policy below, we only use these technically necessary cookies to make our website more user-friendly, effective, and secure. Furthermore, cookies enable our systems to recognize your browser even after you navigate to a different page and to offer you services. Some features of our website cannot be offered without the use of cookies. For these features, it is necessary that the browser is recognized even after a page change.
The use of cookies or similar technologies is based on Section 25 Paragraph 2 of the German Telemedia Act (TDDG). The processing of your personal data is based on Article 6 Paragraph 1 Letter f of the GDPR, due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our services.
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you.
Plug-ins and other
Use of social plug-ins
We use social network plugins on our website. The integration of social plugins and the associated data processing serve the purpose of optimizing advertising for our products.
When social plugins are integrated, a connection is established between your computer and the servers of the social network provider. The plugin is then displayed on the page by sending a message to your browser, provided you have explicitly consented to this. In this process, both your IP address and information about which of our pages you have visited are transmitted to the provider's servers. This applies regardless of whether you are registered with or logged into the social network. Even unregistered or logged-out users are subject to this transmission. If you are simultaneously connected to one or more of your social network accounts, the collected information can also be associated with your corresponding profiles. When you use the plugin functions (e.g., by clicking the button), this information is also associated with your user account. You can prevent this association by logging out of your social media accounts before visiting our website and before activating the buttons.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
The social networks listed below are integrated into our website via social plugins. Further information on the scope and purpose of data collection and use, as well as your related rights and options for protecting your privacy, can be found in the linked privacy policies of the providers.
Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Meta Platforms Ireland and we are jointly responsible for the collection of your data and its transfer to Facebook when you use this service. This is based on an agreement between us and Meta Platforms Ireland regarding the joint processing of personal data, which defines the respective responsibilities. The agreement can be accessed at https://www.facebook.com/legal/controller_addendum . Specifically, we are responsible for fulfilling the information obligations under Articles 13 and 14 of the GDPR, for complying with the security requirements of Article 32 of the GDPR with regard to the correct technical implementation and configuration of the service, and for complying with the obligations under Articles 33 and 34 of the GDPR insofar as a personal data breach affects our obligations under the joint processing agreement. Meta Platforms Ireland is responsible for enabling the data subject rights in accordance with Articles 15-20 GDPR, complying with the security requirements of Article 32 GDPR with regard to the security of the service, and fulfilling the obligations under Articles 33 and 34 GDPR insofar as a personal data breach affects Meta Platforms Ireland's obligations under the joint processing agreement.
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
Further information on the collection and use of data by Facebook, your related rights and options for protecting your privacy can be found in Facebook's privacy policy at https://www.facebook.com/about/privacy/ .
Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://help.instagram.com/155833707900388
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
https://help.instagram.com/155833707900388
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
LinkedIn ( LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland )
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn is certified under the TADPF and has therefore committed to complying with European data protection principles.
X, formerly known as Twitter, (X Corp., 1355 Market Street, Suite 900 San Francisco, CA 94103, USA )
https://twitter.com/privacy
https://twitter.com/personalization
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). X has certified itself under the TADPF and has therefore committed to complying with European data protection principles.
Using social plug-ins via "Shariff"https://twitter.com/personalization
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). X has certified itself under the TADPF and has therefore committed to complying with European data protection principles.
We use social network plugins on our website. To ensure you retain control over your data, we use the privacy-friendly "Shariff" buttons.
Without your explicit consent, no links to the servers of the social networks will be established and consequently no data will be transmitted.
"Shariff" is a development by the specialists at the computer magazine c't. It enables greater privacy online and replaces the usual "Share" buttons of social networks. More information about the Shariff project can be found here: https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html
When you click the buttons, a pop-up window will appear where you can log in to the respective provider with your credentials. A direct connection to the social networks will only be established after you have actively logged in.
By logging in, you consent to the transfer of your data to the respective social media provider. This includes, among other things, the transmission of your IP address and information about which of our pages you have visited. If you are simultaneously logged into one or more of your social network accounts, the collected information will also be associated with your corresponding profiles. You can only prevent this association by logging out of your social media accounts before visiting our website and before activating the buttons. The social networks listed below are integrated using the "Shariff" function.
Further information on the scope and purpose of the collection and use of data, as well as your related rights and options for protecting your privacy, can be found in the linked privacy policies of the providers.
Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://www.facebook.com/policy.php
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland) https://help.instagram.com/155833707900388 .
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
LinkedIn ( LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland )
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn is certified under the TADPF and has therefore committed to complying with European data protection principles.
X, formerly known as Twitter, ( X Corp., 1355 Market Street, Suite 900 San Francisco, CA 94103, USA )
https://twitter.com/privacy
https://twitter.com/personalization
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). X has certified itself under the TADPF and has therefore committed to complying with European data protection principles .
https://twitter.com/personalization
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). X has certified itself under the TADPF and has therefore committed to complying with European data protection principles .
Using social plug-ins via the "2-click solution"
We use social network plugins on our website via the "2-click solution". This means that no connection to the social network servers is established and consequently no data is transmitted without your explicit consent.
When plugins are integrated in the standard way, a connection is established between your computer and the servers of the social network provider when you visit pages on our website that contain such a plugin. The plugin is then displayed on the page by sending a message to your browser. In this process, both your IP address and information about which of our pages you have visited are transmitted to the provider's servers. This applies regardless of whether you are registered with or logged into the social network. Even unregistered or logged-out users are subject to this transmission. If you are also logged into the Facebook social network, this information will be associated with your personal user account. When you use the plugin functions (e.g., by clicking the button), this information will also be associated with your user account, which you can only prevent by logging out before using the plugin. To ensure you retain control over your data, we have decided to initially deactivate the corresponding button. You can recognize this by the grayed-out button. Without your explicit consent – in the form of activating the button – no connection to the social network's server will be established and consequently no data will be transmitted.
Only when you activate the button will it become active (highlighted in color) and a direct connection to the social network's servers will be established.
By activating this feature, you consent to the transfer of your data to the respective social network provider. This includes, among other things, the transmission of your IP address and information about which of our pages you have visited. If you are simultaneously logged into one or more of your social network accounts, the collected information will also be associated with your corresponding profiles. You can only prevent this association by logging out of your social network accounts before visiting our website and before activating the buttons.
The social networks listed below are integrated using the "2-click function". Further information on the scope and purpose of data collection and use, as well as your related rights and options for protecting your privacy, can be found in the linked privacy policies of the providers.
Facebook of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
https://www.facebook.com/policy.php
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
Instagram of Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland):
http://instagram.com/legal/privacy/
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Meta is certified under the TADPF and has therefore committed to complying with European data protection principles.
LinkedIn ( LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ):
https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). LinkedIn is certified under the TADPF and has therefore committed to complying with European data protection principles.
X, formerly known as Twitter, ( X Corp., 1355 Market Street, Suite 900 San Francisco, CA 94103, USA )
https://twitter.com/privacy
https://twitter.com/personalization
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). X has certified itself under the TADPF and has therefore committed to complying with European data protection principles.
https://twitter.com/personalization
Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). X has certified itself under the TADPF and has therefore committed to complying with European data protection principles.
Using Google reCAPTCHA
We use the reCAPTCHA service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; "Google") on our website. This query serves to distinguish between input by a human and input by automated, machine processing. For this purpose, your input is transmitted to Google and further processed there. Additionally, your IP address and, if applicable, other data required by Google for the reCAPTCHA service are transmitted to Google. This data is processed by Google within the European Union and may also be transferred to servers of Google LLC in the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has thus committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information about Google reCAPTCHA and its privacy policy can be found at: https://www.google.com/recaptcha/intro/android.html and https://www.google.com/privacy .
Using Google MapsWe use the Google Maps embedding function on our website, provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, "Google").
This function enables the visual display of geographical information and interactive maps. When pages containing embedded Google Maps are accessed, Google also collects, processes, and uses data from website visitors.
Your data may also be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). Google has certified itself under the TADPF and has therefore committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on the collection and use of data by Google can be found in Google's privacy policy at https://www.google.com/privacypolicy.html . There, in the Privacy Center, you also have the option to change your settings so that you can manage and protect your data processed by Google.
Using YouTube
We use the YouTube video embedding function on our website, provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “YouTube”). YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
This feature displays videos hosted on YouTube within an iFrame on the website. The "Enhanced Privacy Mode" option is enabled. This means that YouTube does not store any information about website visitors. Information is only transmitted to and stored by YouTube when you actually watch a video. Your data may be transferred to the USA. The EU Commission has issued an adequacy decision for the USA, the Trans-Atlantic Data Privacy Framework (TADPF). YouTube has certified itself under the TADPF and has therefore committed to complying with European data protection principles.
The use of cookies or similar technologies is based on your consent pursuant to Section 25 Paragraph 1 Sentence 1 of the German Telemedia Act (TDDG) in conjunction with Article 6 Paragraph 1 Letter a of the GDPR. The processing of your personal data is also based on your consent pursuant to Article 6 Paragraph 1 Letter a of the GDPR. You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
Further information on the collection and use of data by YouTube and Google, your related rights and options for protecting your privacy can be found in YouTube's privacy policy at https://www.youtube.com/t/privacy .
Integration of the Händlerbund member logo
Our website features the Händlerbund member logo (Händlerbund eV, Kohlgartenstraße 11-13, 04315 Leipzig). When you access our website, your browser automatically sends information to the Händlerbund eV server. This information is temporarily stored in a server log file for 7 days. The following information is collected automatically and stored until it is automatically deleted:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the retrieved file,
- Website from which access is made (referrer URL),
- browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
Data subject rights and storage period
Storage duration
After complete contract fulfillment, the data will initially be stored for the duration of the warranty period, then taking into account legal, in particular tax and commercial law retention periods, and then deleted after the expiry of the period, unless you have consented to further processing and use.
Rights of the data subject
Provided the legal requirements are met, you have the following rights under Articles 15 to 20 GDPR: right of access, right to rectification, right to erasure, right to restriction of processing, right to data portability.
Furthermore, pursuant to Article 21 Paragraph 1 GDPR, you have the right to object to processing based on Article 6 Paragraph 1 f GDPR, as well as to processing for direct marketing purposes.
Right to lodge a complaint with the supervisory authority
According to Article 77 of the GDPR, you have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data is unlawful.
You can lodge a complaint with the supervisory authority responsible for us, which you can reach using the following contact details:
Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18
91522 Ansbach
Tel.: +49 981 1800930
Fax: +49 981 180093800
Email: poststelle@lda.bayern.de
Right to object
If the processing of personal data listed here is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, you have the right to object to this processing at any time with effect for the future on grounds relating to your particular situation.
After an objection has been lodged, the processing of the data in question will cease, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims.
Last updated: October 22, 2024
