Data Privacy Statement
When you visit this website, personal information about you is collected by us as the data controller responsible for data processing and saved for the period of time required for fulfilment of the specified purposes and statutory obligations. The information below explains what data we collect, how it is processed and the rights you have in this respect.
In accordance with Art. 4 no. 1 of the General Data Protection Regulation (GDPR), personal information is any information that refers to an identified or identifiable natural person (hereinafter referred to as the “person concerned or user”).
1. Name and contact details for the data controller responsible for processing
This data protection information applies to data processing on the website www.gardenigloo.de by the following data controller:
Lausitzer Str. 10, Aufgang E
(hereinafter referred to as “Gardenigloo”)
If you have any questions regarding data protection law or your rights, you are welcome to contact us directly at any time at the address above or by sending an email to email@example.com with “Data Protection” in the subject line.
2. Processing of personal information and purposes thereof
a) When visiting the website
You can access the website www.gardenigloo.de without having to disclose details regarding your identity. The browser installed on your device only sends information automatically to our website’s server (such as the time and time of the visit, name and URL of the file accessed, browser type and version, website from which access took place (referrer URL), operating system of the computer sending the request (access provider)).
This information also includes the IP address of your device sending the request. This is saved temporarily in a so-called log file and deleted after 4 weeks:
The IP address is processed for technical and administrative purposes related to connection set-up and stability in order to guarantee the security and functionality of our website and, if necessary, to track any unlawful attacks.
The legal basis for processing the IP address is Art. 6 (1) (1) lit. f of the GDPR. The security aspect mentioned and the necessity of interference-free provision of our website provides the basis for our legitimate interest.
We cannot draw any direct conclusions about your identity from the processing of the IP address in the log file.
b) When placing an order
You have the option of ordering products via our website. To process these orders, we collect the following mandatory details from you:
- Email address,
- First name and surname,
- Invoice address,
- Telephone number,
- Payment information, which depends on the method of payment you have selected (such as credit card details, bank details or Paypal account details),
- If available, the international VAT ID.
We collect this information
- To be able to identify you as our contractual partner,
- To verify the information entered with respect to its plausibility and correctness,
- To process the payment for your order,
- To protect against payment fraud, amongst other things,
- To settle any warranty claims and to be able to assert any claims against you.
The data processing takes place at your request and is necessary in accordance with Art. 6 (1) (1) lit. b of the GDPR for the specified purposes to fulfil the agreement and pre-agreement measures.
In order to guarantee smooth and straightforward settlement of your order, and for speedier clarification of any queries, you can also voluntarily provide the following additional information:
- Desired delivery method (postal address, Packstation, direct to a post office branch) and
- See obligatory details
Processing of the voluntary information is undertaken on the basis of Art. 6 (1) (1) lit. f of the GDPR and the purpose is to enable us to contact you quickly and to continuously improve our offers. This purpose is to be regarded as a legitimate interest as defined in the specified regulation.
The personal data collected by us for orders shall be stored by us until the expiry of the statutory guarantee obligation and is then automatically deleted, unless we are obliged, in accordance with Article 6 (1) (1) lit. c of the GDPR, due to retention and documentation obligations (arising from the German Commercial Code, German Penal Code or the German Tax Code) under tax and commercial law, to store the data for a longer period or you have agreed to a longer storage period in accordance with Art. 6 (1) (1) lit. a of the GDPR.
c) When using the contact form
You can send general enquiries to us via the contact form provided on our website. We will also ask for the following in addition to your message:
- Your name,
- A valid email address,
- Your telephone number and
- Your address
We will not store personal information in addition to the above unless this information was provided voluntarily by you in the message.
The information listed will be processed by us to identify you and to be able to answer your question.
The data processing takes place at your request and is necessary in accordance with Art. 6 (1) (1) lit. b of the GDPR for the specified purposes to fulfil the agreement and pre-agreement measures. The data processing is also supported by our legitimate interests in accordance with Art. 6 (1) (1) lit. f of the GDPR. These can also be seen from the aforementioned purposes.
The personal information collected by us for use of the contact form will be deleted after dealing with the enquiry you submitted, unless we must retain this information due to the nature of your enquiry or we are obliged, in accordance with Article 6 (1) (1) lit. c of the GDPR, due to retention and documentation obligations (arising from the German Commercial Code, German Penal Code or the German Tax Code) under tax and commercial law, to store the data for a longer period.
d) When subscribing to our newsletter
If you have given your express consent in accordance with Art. 6 (1) (1) lit. a of the GDPR, we will use your email address to regularly send you our personalised newsletter. Your name and an email address are sufficient for you to receive the newsletter.
The can unsubscribe at any time by clicking on the “Unsubscribe” link at the end of the newsletter. Alternatively, you can also at any time send us an email to firstname.lastname@example.org, stating your desire to unsubscribe.
3. Forwarding personal information
To provide this website, we use the webhosting service Mediatemple, 6060 Center Drive 5th Floor, Los Angeles, CA 90045 (hereinafter referred to as "Mediatemple").
Use of a webhosting service is required to provide a website. We use Mediatemple in accordance with Art. 6 (1) (1) lit. f of the GDPR due to our legitimate commercial interest in providing our offers on this website. Any personal information that arises from the use of the website is processed by Mediatemple on our behalf in connection with the hosting.
We have entered into an order processing agreement with Mediatemple. Through this agreement, the service provider ensures that it processes the data in line with the General Data Protection Regulation and guarantees the protection of the rights of the individuals concerned.
b) Further details
If permissible under the law and necessary for the handling of a contractual relationship with you in accordance with Art. 6 (1) (1) lit. b of the GDPR or necessary to protect our interests or that of third parties in accordance with Art. 6 (1) (1) lit. f, we will forward your personal information to third parties, such as to our commissioned logistics company (Gecco GmbH, Gewerbering Süd 2, 97359 Schwarzach/Main) or our tax adviser (Arps-Aubert + Partner Steuerberatungsgesellschaft mbB Schloßstr. 30, 12163 Berlin)
In addition, we will, if need be, consider forwarding your personal information if
- You have given your express permission for us to do so, in accordance with Art. 6 (1) (1) lit. a of the GDPR, and
- In the event that there is a legal obligation to do so, in accordance with Art. 6 (1) (1) lit. c of the GDPR.
We will never forward personal information to a third country or an international organisation.
Each cookie stores information that arises in connection with the specific device used. However, this does not mean that we are immediately made aware of your identity.
We also use temporary cookies to optimise ease of use – these are stored on your device for a fixed period of time. If you visit our website again to use our services, the cookies automatically recognises that you have visited us before and the entries and settings you made in order that these do not have to be entered again.
The information processed by cookies is required for the purposes specified for the safeguarding of our legitimate interests and these of third parties, in accordance with Art. 6 (1) (1) lit. f of the GDPR.
Most browsers accept cookies automatically. However, you can configure your browser in such a way that no cookies are stored on your computer or a notice always appears before a new cookie is created. However, completely disabling cookies may mean that you cannot use all the functions of our website.
5. Web analysis
The tracking and targeting measures listed below and used by us are implemented on the basis of Art. 6 (1) (1) lit. f of the GDPR. Our intention with the use of tracking measures is to ensure the appropriate design and continuous optimisation of our website. We also use the tracking measures to collect statistics regarding the use of our website. Furthermore, we use the information to optimise the display of advertising content. These interests are to be regarded as justified as defined by the aforementioned regulation.
The respective data processing objectives and data categories are contained in the description of the corresponding tracking tools.
a) Google Analytics
We use on our website Google Analytics, a web analysis service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as “Google”). Pseudonymised usage profiles are created in this connection and cookies (cf. Section 4) are used. The information about your use of this website generated by the cookie such as
- Browser type/version,
- Operating system used,
- Referrer URL (the website visited before),
- Host name of the accessing computer (IP address),
- Time of the server request,
is transferred to a Google server in the USA and stored there. Google complies with the data protection provisions of the "US Privacy Shield” framework and is registered with the “US Privacy Shield” programme of the US Department of Commerce. We have also entered into an order processing agreement with Google for the use of Google Analytics. By means of this agreement, Google guarantees that it processes the data in accordance with the General Data Protection Regulation and guarantees the protection of the rights of the individuals concerned.
The information is used to evaluate the use of the website, to compile reports about website activities and to carry out additional services connected with website use and internet use for the purposes of market research and appropriate design of these internet sites.
This information may also be forwarded to third parties if this is prescribed by law or if third parties process this information on our behalf. On no account is your IP address amalgamated with other information from Google. The IP address is anonymised so that no correlation is possible (IP masking).
You can prevent the cookies being installed by making a setting to this effect in your browser software. However, we would point out that in this case you may not be able to use all the functions of this website to their full extent.
You can also prevent the collection of the information generated by the cookie related to the use of the website (including your IP address) and the processing of this information by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).
As an alternative to the browser add-on, especially with browsers on mobile devices, you can also prevent collection of information by Google Analytics by clicking on this link. An opt-out cookie is installed that prevents your data being collected when you visit this website in the future. The opt-out cookie is only effective in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you have to reinstall the opt-out cookie.
Further information regarding data protection in connection with Google Analytics can be found in Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=de).
b) Google Double Click
By using cookies on our website, we collect and evaluate information to optimise advertisements. We use the targeting technologies provided by Google Inc. for this (Double Click, Double Click Exchange Buyer, Double Click Bid Manager).
These technologies enable us to display to you targeted advertisements based on your individual interests. The cookies used collect, for example, details of the content of our website you have shown an interest in. Using this information, we can also display to you websites of third-party providers aimed at your specific interests indicated by your previous user behaviour. The collection and evaluation of our user information is only ever carried out pseudonymously and does not enable us to identify you.
The cookie is automatically deleted after 30 days.
You can also adjust your settings to display advertising based on your interests by using the advertisement settings manager provided by Google (https://www.google.com/settings/ads/onweb ).
c) Facebook Custom Audience (pixel)
We use Facebook Custom Audience provided by Facebook Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland). This is a marketing service provided by Facebook. This enables us to display on Facebook individually customised and interest-based advertising for specific groups of pseudonymised visitors to our website that also use Facebook.
It is automatically collated in this server whether you have stored a Facebook cookie. This Facebook cookie automatically determines whether you belong to the relevant target group for us. If you do belong to the target group, we will display appropriate adverts to you on Facebook. You cannot be personally identified during this process through either the comparison of the data or by us through Facebook.
You can object to use of the Custom Audience service on Facebook’s website (https://www.facebook.com/ads/website_custom_audiences/). After signing in to your Facebook account, you come to the settings for Facebook adverts.
Further information regarding data protection on Facebook can be found in Facebook’s data protection guideline (https://www.facebook.com/privacy/explanation).
6. Rights of the individuals concerned
You have the right:
- In accordance with Art. 7 (3) of the GDPR, to revoke at any time the consent you have given us. The result of this is that we may no longer continue in the future to process data that was carried out based on your consent;
- In accordance with Art. 15 of the GDPR, to request from us details of the personal information we have processed about you. In particular, you can request information regarding the purposes of processing, the category of personal data, the categories of recipients to whom your data was or will be disclosed, the planned storage duration, the existence of a right to rectification, deletion, restricted processing or objection, the existence of a right to complain, the origin of your data, if this data was not collected on our website, and information concerning the existence of automated decision-making, including profiling and, if necessary, meaningful information regarding the details of the latter;
- In accordance with Art. 16 of the GDPR, to request the immediate rectification of incorrect information or the completion of personal information held by us;
- In accordance with Art. 17 of the GDPR, to request the deletion of the personal information held by us, unless processing is required to exercise the right to freedom of expression, to fulfil a legal obligation, for reasons of public interest, or to assert, exercise or defend against legal claims;
- In accordance with Art. 18 of the GDPR, to restrict processing of your personal information if you are contesting the accuracy of the information, processing is unlawful, although you reject the deletion of the information even though we no longer require it, but you require it to assert, exercise or defend against legal claims or you have submitted an objection to the processing of it in accordance with Art. 21 of the GDPR;
- In accordance with Art. 20 of the GDPR, to receive the data you have provided in a structured, conventional and machine-readable format or request that it is transferred to another data controller and
- In accordance with Art. 77 of the GDPR, to complain to a supervisory authority. Generally speaking, you can in this case complain to a supervisory authority in your usual place of residence, or place or work, or to a supervisory authority when our company’s registered office is located.
7. Information regarding your right to object in accordance with Art. 21 of the GDPR
You have the right, for reasons arising from your own special circumstances, to submit an objection at any time to the processing of your personal information that would be carried out based on Art. 6 (1) (1) of the GDPR (data processing on the basis of a balancing of interests); this also applies to profiling supported by this provision under Art. 4 no. 4 of the GDPR.
We will no longer process your personal information if you submit an objection, unless we can demonstrate compelling protection-related reasons to do so that outweigh your interests, rights and freedoms, or processing is required to assert, exercise or defend against legal claims.
We will stop processing your information immediately if your objection is directed against the processing of your information for direct marketing purposes. In this case, it is not necessary to indicate special circumstances. This also applies to profiling carried out in connection with such direct advertising.
If you would like to avail yourself of your right to object, all you need to is send an email to email@example.com.
8. Data security
All the information personally forwarded by you will be transferred in encrypted form using the customary and secure TLS (transport layer security) standard. TLS is a secure and proven standard that is also used with online banking, for example. You can recognise a secure TLS connection from, amongst other things, the letter s appended to http (so https://..) in the address bar of your browser or from the padlock symbol at the bottom of your browser.
We also use other suitable technical and organisational security measures to protect your information against accidental or deliberate manipulation, partial or complete loss or destruction, and against unauthorised third-party access. Our security measures are subject to ongoing improvement in accordance with technological developments.
9. Up-to-dateness of and amendments to this privacy statement
This privacy statement is valid at the current time and was last revised in May 2018.
It may be necessary to amend this privacy statement if we further develop our website or offers or due to changes in statutory or official guidelines. You can always view and print out the most up-to-date version of this privacy statement on the website at