Skip to content Skip to navigation menu

Data protection

We are pleased that you are visiting our website. In the following we would like to inform you about the handling of your data in accordance with Art. 13 et seq. EU General Data Protection Regulation (GDPR).
 

Responsible

The office named in the imprint is responsible for the data processing described below.
 

Usage data

When you visit our website, so-called usage data is temporarily stored on our web server as a log for statistical purposes in order to improve the quality of our website. This record consists of

  • the page from which the file was requested,
  • the name of the file,
  • the date and time of the query,
  • the amount of data transferred
  • the access status (file transferred, file not found),
  • the description of the web browser used and the operating system,
  • the referral link, which indicates from which page you came to ours,
  • the IP address of the requesting computer, which is shortened in such a way that a personal reference can no longer be established.

The log data mentioned is only stored anonymously.
 

Storage of the IP address

We store the IP address transmitted by your web browser for a strictly earmarked period of seven days in the interest of being able to detect, limit and eliminate attacks on our websites. After this period of time, we delete or anonymize the IP address. The legal basis for the processing of your IP address is Article 6 Paragraph 1 Clause 1 Letter f GDPR.
 

Data security

In order to protect your data from unwanted access as comprehensively as possible, we take technical and organizational measures. We use an encryption process on our websites. Your details are transmitted from your computer to our server and vice versa via the Internet using TLS encryption. You can usually recognize this by the closed lock symbol in the status bar of your browser and the address line beginning with https://.

 

Cookies

We use cookies on our websites, which are required to use our site. Cookies are small text files that can be stored and read on your end device. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session.

Necessary cookies may contain information about certain settings and are not personally identifiable. They may also be necessary to enable usability, security and implementation of the site. We use your data with the help of these cookies on the basis of Article 6 Paragraph 1 Clause 1 Letter f GDPR.

You can set your browser so that it informs you about the placement of cookies. So the use of cookies becomes transparent for you. You can also delete cookies at any time using the appropriate browser setting and prevent new cookies from being set. Please note that our website may then not be displayed or some functions may no longer be technically available.

Cookie Purpose Storage period
Session IDs, anonymous consents, cookie notifications, Supplix cart, SessionExpiry User guidance, security, page display Cookies are deleted when the session expires.
 

Google Tag Manager

This website uses Google Tag Manager. The Tag Manager does not collect any personal data. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this will remain in place for all tracking tags implemented with Google Tag Manager. Google's privacy policy for this tool can be found here.

 

Google Analytics

We use the web analysis tool "Google Analytics" to design our website according to needs. Google Analytics creates usage profiles based on pseudonyms. For this purpose, permanent cookies are stored on your end device and read by us. In this way we are able to recognize returning visitors and count them as such.

IGoogle Ireland Limited and Google LLC support us as part of Google Analytics. (USA) as processor according to Art. 28 GDPR. Data processing can therefore also take place outside the EU or the EEA. With regard to Google LLC, an appropriate level of data protection cannot be assumed due to the processing in the USA. There is a risk that authorities will access the data for security and surveillance purposes without informing you or being able to appeal. Please keep this in mind if you choose to consent to our use of Google Analytics.

The data processing takes place on the basis of your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a GDPR, provided that you have given your consent via our banner. You can revoke your consent by following this Link and making the appropriate settings via our banner. Third-party cookies are stored on your end device for 12 months.

You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following Link and install.

 

New Relic

The web analysis tool New Relic from the provider New Relic Inc. (188 Spear Street, Suite 1200 San Francisco, CA 94105, USA) is used on our website.
New Relic's technology gives us a better understanding of our users' experiences (e.g. how much time users spend on which pages, which links they click on, what they like and don't like, etc.) and this helps us to make our website work for you optimize. We also use New Relic to better monitor our infrastructure resources and perform performance analysis.

New Relic works with cookies and other technologies to collect data about the behavior of our users and their devices, in particular IP address of the device (is collected and stored only in an anonymous form during your website use), screen size, device type (Unique Device identifiers), information about the browser used, location (country only), preferred language for viewing our website. New Relic stores this information on our behalf in a pseudonymised user profile.

 

The data processing takes place on the basis of your consent in accordance with Article 6 Paragraph 1 Sentence 1 lit. You can revoke your consent at any time for the future. Please follow this Link and make the appropriate settings via our banner. You can also object to the collection and storage of data for this purpose at any time with effect for the future by deactivating cookies in your browser settings.

New Relic Inc. supports us in data processing as a processor in accordance with Art. 28 GDPR. Data processing can therefore also take place outside the EU or the EEA. With regard to New Relic Inc., an adequate level of data protection cannot be assumed due to the processing in the USA. There is a risk that authorities will access the data for security and surveillance purposes without informing you or being able to appeal. Please keep this in mind if you choose to consent to our use of New Relic. The transmission to an insecure third country takes place on the basis of Article 49 (1) (a) GDPR, provided you have given your consent via our banner.

 

Hotjar

Our website uses the web analysis tool "Hotjar" from the provider Hotjar Ltd., Level 2, St Julians Business Center, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com) for use.

We use Hotjar to better understand the needs of our users and to optimize the offer and experience on this website. Hotjar's technology gives us a better understanding of our users' experiences (e.g. how much time users spend on which pages, which links they click, what they like and don't like, etc.) and this helps us tailor our offering to our users' feedback to align Hotjar works with cookies and other technologies to collect data about the behavior of our users and their end devices, in particular the IP address of the device (is only recorded and stored in anonymous form while you are using the website), screen size, device type (unique device identifiers). ), information about the browser used, location (country only), preferred language for viewing our website. Hotjar stores this information on our behalf in a pseudonymised user profile. Hotjar is contractually prohibited from selling the data collected on our behalf.

The data is processed on the basis of your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a GDPR or Section 15 Paragraph 3 TMG, provided that you have given your consent via our banner. You can revoke your consent at any time for the future. Please follow this Link and make the appropriate settings via our banner. Third-party cookies are stored on your end device for 12 months.

Hotjar bietet jedem Nutzer zudem die Möglichkeit, mithilfe eines “Do Not Track-Headers” den Einsatz des Tools Hotjar zu unterbinden, sodass keine Daten über den Besuch der jeweiligen Website aufgezeichnet werden. Es handelt sich hierbei um eine Einstellung, die alle üblichen Browser in aktuellen Versionen unterstützen. Sollten Sie unsere Websites mit unterschiedlichen Browsern/Rechnern nutzen, müssen Sie den “Do Not Track-Header” für jeden dieser Browser/Rechner separat einrichten.

Hotjar also offers every user the option of using a "Do Not Track header" to prevent the use of the Hotjar tool, so that no data about the visit to the respective website is recorded. This is a setting that all standard browsers support in current versions. If you use our websites with different browsers/computers, you must set up the "Do Not Track header" for each of these browsers/computers separately.

When you visit a Hotjar-based website, you can prevent Hotjar from collecting your data at any time by going to the following opt-out page and clicking "Deactivate Hotjar": https://www.hotjar.com/legal/compliance/opt-out/

Learn more about Hotjar Ltd. and via the Hotjar tool can be found at: https://www.hotjar.com The data protection declaration of Hotjar Ltd. can be found at: https://www.hotjar.com/privacy/ Hotjar Ltd supports us in data processing as a processor in accordance with Art. 28 GDPR. As a processor, Hotjar Ltd processes your data strictly in accordance with instructions and on the basis of a separately concluded order processing contract.

 

iAdvize

Contact via chat

You have the option of contacting us via a chat function. When using the chat function, the following personal data will be processed:

Visitor data:

  • Chats (number of chats, duration, date, satisfaction survey response)
  • Visitor's IP address
  • When transmitted by the visitor: e-mail address, telephone number, identity

The aforementioned data is collected and processed for the following purposes:

  • Visitor Conversations: Collect visitor conversations so eCommerce site agents can interact with visitors directly.
  • Visitor Tracker / Cookies: Data collection to provide visitors with a conversation window.

The duration of the storage of conversations and related data depends on the channel used:

  • Chat / Social Media: 3 years
  • Video / Call / SMS: 12 months
  • Temporary archive: 5 years

Your data will only be used to process and manage your inquiries and for communication, unless you have consented to the processing of your data for other purposes or the data processing can be based on another legal basis.
 

Analysis and tracking using iAdvize

If you contact us via the chat function and have consented to the use of your data for analysis and marketing purposes, we will process the following additional data from you in addition to the data mentioned above:

  • Revenue generated
  • Number of buyers made
  • duration of communication
  • language settings
  • Current and visited pages on the website during chat communication
  • Content of chat history

iAdvize's technology gives us a better understanding of our users' experiences and this helps us to improve and develop our offering. Your data is therefore processed for the following purposes:

  • Analysis of whether and how the chat tool is used in order to further develop and improve the chat tool and our online shop
  • Improving customer support through user recognition

iAdvize works with cookies and other technologies to collect data about the behavior of our users and their devices. For this purpose, so-called VUID (Visitor Unique Identifier) ​​is stored in the local storage of your browser and information about the number of your visits and the duration since your last visit is collected. VUID is used by iAdvize as a recognition feature with which iAdvize can link further data and thus create pseudonymised user profiles.

 

Weitere Funktionen

Reflect

Your chat partner can use this function to display the website that is in the background of your desktop. If you have given your consent to the chat, this also applies at the same time as consent to the use of this function.

Co-browsing (collaborative surfing)

This feature allows your chat partner to take control of your navigation to navigate you through the website. To do this, your chat partner will ask you to release your control. You can give or deny your consent to co-browsing via a special dialog box. You can terminate access by closing the dialog box.


The data is processed on the basis of your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a GDPR or Section 15 Paragraph 3 Clause 1 TMG. Your consent is voluntary and can be revoked at any time. To do this, please follow this Link and make the appropriate settings under the Analysis section via our consent banner. The transmission to a third country takes place on the basis of Article 49 (1) (a) GDPR.

iAdvize SAS supports us in data processing as a processor according to Art. 28 GDPR. Data processing can also take place outside the EU https://help.iadvize.com/hc/en-gb/articles/360003267991-The-GDPR-iAdvize). With regard to processing in the USA, no adequate level of data protection can be assumed. There is a risk that authorities will access the data for security and surveillance purposes without informing you or being able to appeal. Please keep this in mind if you decide to use the chat function.

More information about iAdvize SAS, the processing and transfer of your data can be found here:
https://help.iadvize.com/hc/en-gb/articles/360003267991-The-GDPR-iAdvize.

 

Contact form

You have the option of contacting us via an electronic contact form. To use our contact form, we first need the data marked as mandatory from you.

We use information that you give us when contacting us on the basis of Art. 6 Para. 1 Sentence 1 lit b. GDPR, if your contact is aimed at concluding a contract as an end customer or on the basis of Art. 6 Para. 1 Sentence 1 lit f.

If you also provide us with voluntary information that is not absolutely necessary for contacting us, we will process this on the basis of your revocable consent in accordance with Article 6 (1) sentence 1 lit. a GDPR.

Your data will be deleted after your request has been finally processed, provided you revoke your consent and the deletion does not conflict with any statutory storage requirements.

Insofar as your data transmitted via the contact form is processed on the basis of Article 6 (1) sentence 1 lit. f GDPR, you can object to the processing at any time. In addition, you can revoke your consent to the processing of the voluntary information at any time with effect for the future. To do this, please contact the e-mail address given in the imprint.

Registration, customer account

If you would like to order via our online shop, you must first register and create a customer account.

We process the information marked as mandatory that you send us during your registration or as part of orders on the basis of Article 6 Paragraph 1 Sentence 1 lit. b GDPR if you create the customer account for yourself or the purchase act on their own behalf. If you act for a company or an organization, we process your data on the basis of Article 6 Paragraph 1 Clause 1 Letter f GDPR.

If you also provide voluntary information, we process this data on the basis of your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a, 7 GDPR. You can revoke your consent at any time for the future.

We store and use your personal data, which you transmit to us in the course of your registration and as part of orders, exclusively to process your orders. We use your e-mail address for notifications about the status of your order.

If and to the extent that this is necessary for the delivery of your order, we will pass on your data to logistics companies.

We store your data as long as you are registered with us or revoke your consent. If you decide to delete your customer account or revoke your consent, your data will be deleted as long as they are no longer required for contract processing and there are no statutory storage requirements.

If we process your data on the basis of Article 6 Paragraph 1 Clause 1 Letter f GDPR, you can object to the processing at any time. In addition, you can revoke your consent to the processing of the voluntary information at any time with effect for the future. To do this, please contact the e-mail address given in the imprint.
 

Storage duration

If we have not already provided detailed information about the storage period, we delete personal data when they are no longer required for the aforementioned processing purposes and there are no statutory retention requirements to prevent deletion.

Other processors

We pass on your data to service providers as part of order processing in accordance with Article 28 GDPR, who support us in operating our websites and the associated processes. These are e.g. hosting service providers. Our service providers are strictly bound by our instructions and are contractually bound accordingly.

Below we name the processors with whom we work, if we have not already done so in the above text of the data protection declaration. If data is transferred outside the EU or the EEA in this context, we will provide information on the appropriate level of data protection.

Processor Purpose Adequate level of data protection
Medienwerft GmbH (Germany) Web hosting and support processing only within EU/EEA

Your rights as a user

When processing your personal data, the GDPR grants you, as a website user, certain rights:

  1. Right to information (Article 15 GDPR)

    You have the right to request confirmation as to whether personal data concerning you is being processed; if this is the case, you have a right to information about this personal data and to the information listed in Art. 15 DSGVO.

  2. Right to rectification (Article 16 GDPR)

    You have the right to immediately request the correction of incorrect personal data concerning you and, if necessary, the completion of incomplete personal data.

  3. Right to erasure (Art. 17 GDPR)

    You also have the right to request that personal data relating to you be deleted immediately if one of the reasons listed in Article 17 GDPR applies, e.g. B. if the data is no longer required for the purposes pursued.

  4. Right to restriction of processing (Article 18 GDPR)

    You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have lodged an objection to the processing in accordance with Art. 21 GDPR or for the duration of any examination as to whether our legitimate interests outweigh your interests as the data subject.

  5. Right to data portability (Art. 20 GDPR)

    In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request the transmission of this data to a third party.

  6. Right to object (Art. 21 GDPR)

    If data is processed on the basis of Article 6 Paragraph 1 Clause 1 Letter f GDPR (data processing to safeguard legitimate interests) or on the basis of Article 6 Paragraph 1 Clause 1 Letter e GDPR (data processing to safeguard the public interest or in the exercise of public violence), you have the right to object to the processing at any time for reasons that arise from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

  7. Right of withdrawal (Art. 7 Para. 3 GDPR)

    If data is processed on the basis of your consent, you are entitled under Art. 7 Para. 3 GDPR to revoke your consent to the use of your personal data at any time. Please note that the revocation only applies to the future. Processing that took place before the revocation is not affected. Please also note that we may have to store certain data for a certain period of time in order to fulfill legal requirements, despite your revocation.

  8. Right of appeal to a supervisory authority (Article 77 GDPR)

    In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your data violates data protection regulations. In particular, the right to lodge a complaint can be asserted with a supervisory authority in the member state of your place of residence, your place of work or the place of the alleged infringement.

Contact details of the data protection officer

In fulfilling our data protection obligations, we are supported by our data protection officer. The contact details of our data protection officer are:

datenschutz nord GmbH, Konsul-Smidt-Strasse 88, 28217 Bremen, Web: www.datenschutz-nord-gruppe.de, email: office@datenschutz-nord.de

If you contact our data protection officer, please also state the responsible body, which is named in the imprint.