Kinkstyle.com

 

​

 

​

 

GDPR Privacy Policy

The controller responsible for data processing is:

 

​

 

Kapilan World Entertainment

​

Kapilan Ratnam

Eckernförder Straße 61

22769 Hamburg

Deutschland

 

Email: info@kinkstyle.com / info@kapilanworld.com

Telefon: +49 (0) 162 6 57 57 55

https://www.Kinkstyle.com / https://www.kapilanworld.com

 

​

 

We appreciate your interest in our online shop. Protecting your privacy is very important to us. Below, we provide detailed information about how we handle your data.

 

​

 

1. Access Data and Hosting

 

You can visit our websites without providing any personal information. Each time you access a website, the web server automatically saves a so-called server log file, which contains, for example, the name of the requested file, your IP address, the date and time of access, the amount of data transferred, and the requesting provider (access data), and documents the access. This access data is evaluated exclusively for the purpose of ensuring the smooth operation of the site and improving our offering. This serves to safeguard our legitimate interests in a correct presentation of our offering, which prevail within the framework of a balancing of interests, in accordance with Art. 6 (1) (f) GDPR. All access data is processed only for as long as is necessary to achieve the aforementioned processing purposes.

 

The services for hosting and displaying the website are partly provided by our service providers as part of processing on our behalf. Unless otherwise stated in this privacy policy, all access data and all data collected in forms provided for this purpose on this website are processed on their servers. If you have any questions about our service providers and the basis of our collaboration with them, please use the contact details described in this Privacy Policy.

 

Our service providers are located and/or use servers in the following countries, for which the European Commission has determined an adequate level of data protection: Israel, South Korea, and the USA.

 

The European Commission has determined that the USA provides an adequate level of data protection as a basis for transfers to third countries, provided the respective service provider is certified. Certification is available.

 

Our service providers are located and/or use servers in the following countries: Taiwan, Brazil, Mexico, India, Ukraine, Guatemala, and the Philippines.

There is no adequacy decision from the European Commission for these countries. Our collaboration with you is based on these guarantees: European Union standard data protection clauses.

 

​

 

2. Data processing for contract processing and contact purposes

 

Data transfer for age verification

 

If your order includes goods whose sale is subject to age restrictions, we ensure that the purchaser has reached the required minimum age by using a reliable procedure that includes a personal identity and age verification. For this purpose, the SCHUFA Identity Check is used on our website. This service is operated by SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, Germany (hereinafter: SCHUFA).

To ensure the required minimum age, certain personal data (e.g., name, address, and date of birth) are transmitted to SCHUFA Holding AG. A so-called identity check using Q-Bit is then carried out, which has been positively assessed by the Commission for the Protection of Minors in the Media (KJM) for age verification. According to Art. 6 (1) (f) GDPR, the transmission of data to SCHUFA serves to safeguard our legitimate interests, which prevail within the context of a balancing of interests, in ensuring an offer that complies with youth protection laws and in complying with the statutory provisions on youth protection. A credit check is not carried out in this regard.

 

​

 

Contact

 

As part of customer communication, we collect personal data to process your inquiries in accordance with Art. 6 (1) (b) GDPR if you voluntarily provide it to us when contacting us (e.g., via contact form or email). Mandatory fields are marked as such, as in these cases we absolutely need the data to process your contact. The data collected can be seen in the respective input forms. Once your request has been fully processed, your data will be deleted unless you have expressly consented to further use of your data in accordance with Art. 6 (1) (a) GDPR or we reserve the right to use your data in any other way that is permitted by law and about which we will inform you in this statement.

 

Live chat tool: Ascend by Wix

 

If you use the live chat tool to contact us

n, the data you voluntarily enter there (name, email address, message) will be processed by us in accordance with Art. 6 (1) (b) GDPR for the purpose of answering your inquiry within the scope of contract processing. Furthermore, the use of this tool serves to safeguard our legitimate interests in effective and improved customer communication, which prevail within the context of a balancing of interests, in accordance with Art. 6 (1) (f) GDPR. The data will then be deleted. The live chat tool is provided by Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel ("Wix"), which acts on our behalf.

 

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection by resolution: Israel, South Korea, USA.

 

There is a resolution of the European Commission on an adequate level of data protection for the USA as the basis for a third-country transfer, provided that the respective service provider is certified. Certification is available.

 

Our service providers are located and/or use servers in the following countries: Taiwan, Brazil, Mexico, India, Ukraine, Guatemala, and the Philippines.

There is no adequacy decision from the European Commission for these countries. Our cooperation with you is based on these guarantees: European Union standard data protection clauses.

 

 

 

3. Data processing for the purpose of shipping processing

 

To fulfill the contract in accordance with Art. 6 (1) (b) GDPR, we will pass on your data to the shipping service provider commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods.

 

The same applies to the transfer of data to our manufacturers or wholesalers in cases where they handle shipping for us (drop shipping). These are considered shipping service providers within the meaning of this privacy policy.

 

Our service providers are located and/or use servers in the following countries: China, India, and Türkiye.

There is no adequacy decision from the European Commission for these countries. Our cooperation with you is based on these guarantees: European Commission standard data protection clauses, supervisory authority standard data protection clauses, approved binding corporate rules, approved contractual clauses, approved codes of conduct, approved certification mechanism.

 

Our service providers are located and/or use servers in the following countries, for which the European Commission has determined an adequate level of data protection: United Kingdom, USA.

 

A European Commission decision on an adequate level of data protection for the USA serves as the basis for third-country transfers, provided the respective service provider is certified. Until our service providers are certified, the data transfer continues to be based on this basis: European Commission standard data protection clauses.

 

​

 

Data transfer to shipping service providers for the purpose of shipping notification

 

If you have given us your express consent to do so during or after your order, we will pass on your email address and telephone number to the selected shipping service provider in accordance with Art. 6 (1) (a) GDPR so that they can contact you before delivery for the purpose of notifying you of or coordinating delivery.

You can revoke your consent at any time by sending a message to the contact option described in this privacy policy or directly to the shipping service provider at the contact address listed below. After revocation, we will delete the data you have provided for this purpose unless you have expressly consented to further use of your data or we reserve the right to use the data in any other way that is permitted by law and about which we will inform you in this policy.

 

General Logistics Systems Germany GmbH & Co. OHG

GLS Germany-Straße 1 - 7

DE-36286 Neuenstein

Germany

 

​

 

United Parcel Service Deutschland S.à r.l. & Co. OHG

Görlitzer Straße 1

41460 Neuss

Germany

 

 

 

Hermes Germany GmbH

Essener Straße 89

D-22419 Hamburg

Germany

 

 

 

DHL Paket GmbH

Sträßchensweg 10

53113 Bonn

Germany

 

 

 

DPD Deutschland GmbH

Wailandtstraße 1

63741 Aschaffenburg

Germany

 

 

 

4. Data processing for payment processing

 

When processing payments in our online shop, we work with the following partners: technical service providers, credit institutions, and payment service providers.

 

 

 

4.1 Data processing for transaction processing

 

Depending on the selected payment method, we pass the data necessary for processing the payment transaction to our technical service providers, who work for us as part of a contract processing agreement, or to the commissioned credit institutions or to the selected

Payment service providers will share your data with us to the extent necessary to process the payment. This serves the purpose of fulfilling the contract in accordance with Art. 6 (1) (b) GDPR. Payment service providers sometimes collect the data required to process the payment themselves, e.g., on their own website or via technical integration in the ordering process. The privacy policy of the respective payment service provider applies in this respect.

 

If you have any questions about our payment processing partners and the basis of our cooperation with them, please contact us using the contact details described in this privacy policy.

 

 

4.2 Data processing for the purpose of fraud prevention and optimizing our payment processes

 

We may provide our service providers with additional data, which they use together with the data necessary to process the payment as our processors for the purpose of fraud prevention and optimizing our payment processes (e.g., invoicing, processing disputed payments, accounting support). Pursuant to Art. 6 (1) (f) GDPR, this serves to safeguard our legitimate interests in protecting ourselves against fraud and in efficient payment management, which prevail within the context of a balancing of interests.

 

​

 

5. Advertising by Email

 

Email newsletter with registration, newsletter tracking with separate consent

 

If you subscribe to our newsletter, we will use the data required for this purpose or separately provided by you to regularly send you our email newsletter based on your consent in accordance with Art. 6 (1) (a) GDPR. You can unsubscribe from the newsletter at any time and can do so either by sending a message to the contact option described below or via a link provided for this purpose in the newsletter. After unsubscribing, we will delete your email address from the recipient list unless you have expressly consented to further use of your data in accordance with Art. 6 (1) (a) GDPR or we reserve the right to use your data in any other way that is permitted by law and about which we will inform you in this declaration.

 

If you have also given us your consent to analyze our newsletters in accordance with Art. 6 (1) (a) GDPR, we will also analyze your use of our newsletter by measuring, storing, and evaluating open rates and click rates for the purpose of designing future newsletter campaigns ("newsletter tracking").

 

For this analysis, the emails sent contain single-pixel technologies (e.g., so-called web beacons, tracking pixels) stored on our website. For evaluation purposes, we link the following "newsletter data":

 

the page from which the page was requested (so-called referrer URL),

 

the date and time of the visit,

 

the description of the type of web browser used,

 

the IP address of the requesting computer,

 

the email address,

 

the date and time of registration and confirmation,

 

and the single-pixel technologies with your email address or IP address and, if applicable, a unique ID. Links contained in the newsletter may also contain this ID.

 

You can unsubscribe from newsletter tracking at any time and can do so either by sending a message to the contact option described or via a link provided for this purpose in the newsletter.

 

The information will be stored for as long as you are subscribed to the newsletter.

 

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: Israel, South Korea, and the USA.

 

A European Commission decision on an adequate level of data protection for the USA serves as a basis for transfers to third countries, provided the respective service provider is certified. Certification is available.

 

Our service providers are located and/or use servers in the following countries: Taiwan, Brazil, Mexico, India, Ukraine, Guatemala, Philippines.

There is no adequacy decision from the European Commission for these countries. Our cooperation with you is based on these guarantees: European Union standard data protection clauses.

 

 

 

6. Cookies and other technologies

6.1 General information

 

To make visiting our website more attractive and to enable the use of certain functions, we use technologies on various pages, including so-called cookies. Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e., after you close your browser (so-called session cookies). Other cookies remain on your device and enable us to recognize your browser the next time you visit (persistent cookies).

nte cookies).

 

Protection of privacy on end devices

When using our online offering, we use absolutely necessary technologies to be able to provide the expressly requested telemedia service. Storing information on your device or accessing information already stored on your device does not require your consent.

 

For functions that are not absolutely necessary, storing information on your device or accessing information already stored on your device requires your consent. We would like to point out that if you do not grant your consent, parts of the website may not be fully usable. Any consent you may have given will remain in effect until you adjust or reset the respective settings on your device.

 

Possible downstream data processing through cookies and other technologies

We use technologies that are absolutely necessary for the use of certain functions of our website (e.g., shopping cart function). These technologies collect and process IP addresses, the time of visits, device and browser information, and information about your use of our website (e.g., information about the contents of your shopping cart). This serves the overriding legitimate interest in an optimized presentation of our offering in accordance with Art. 6 (1) (f) GDPR within the framework of a balancing of interests.

 

We also use technologies to fulfill the legal obligations to which we are subject (e.g., to be able to prove consent to the processing of your personal data), as well as for web analysis and online marketing. Further information on this, including the respective legal basis for data processing, can be found in the following sections of this Privacy Policy.

 

You can find the cookie settings for your browser under the following links: Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™

 

If you have consented to the use of the technologies in accordance with Art. 6 (1) (a) GDPR, you can revoke your consent at any time by sending a message to the contact option described in the Privacy Policy. Alternatively, you can also use the cookie settings button.

 

​

 

6.2 Use of the Wix Consent Manager Tool to manage consent

 

We use the Wix Consent Manager Tool on our website to inform you about the cookies and other technologies we use on our website, as well as to obtain, manage, and document your consent to the processing of your personal data by these technologies, if required. This is required pursuant to Art. 6 (1) (c) GDPR to fulfill our legal obligation under Art. 7 (1) GDPR to be able to prove your consent to the processing of your personal data, to which we are subject. The Wix Consent Manager Tool is offered by Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel ("Wix"). After you submit your cookie consent on our website, the Wix web server stores your IP address, the date and time of your consent, browser information, as well as information about your consent behavior and its verifiability (user ID). In addition, a cookie is used that contains information about your consent behavior. Your data will be deleted once the above-mentioned purpose no longer applies, unless you have expressly consented to further use of your data in accordance with Art. 6 (1) (a) GDPR, or we reserve the right to use the data in any other way that is permitted by law and about which we will inform you in this statement.

 

Our service providers are located and/or use servers in the following countries, for which the European Commission has determined an adequate level of data protection by resolution: Israel, South Korea, USA.

 

A European Commission resolution regarding an adequate level of data protection for the USA serves as the basis for transfers to third countries, provided the respective service provider is certified. Certification is available.

 

Our service providers are located and/or use servers in the following countries: Taiwan, Brazil, Mexico, India, Ukraine, Guatemala, Philippines.

There is no adequacy decision from the European Commission for these countries. Our cooperation with you is based on these guarantees: European Union standard data protection clauses.

 

​

 

6.3 Information on third-country transfers (data transfer to third countries)

 

We use technologies from service providers on our website whose headquarters and/or server locations may be located in third countries outside the EU or EEA. If there is no adequacy decision from the EU Commission for this country,

mission, an adequate level of data protection must be ensured by means of other appropriate safeguards.

 

Appropriate safeguards in the form of contractually agreed standard contractual clauses of the EU Commission or binding corporate rules are generally possible, but require prior review by the contracting parties to determine whether an adequate level of protection can be guaranteed. According to the case law of the European Court of Justice (ECJ), additional protective measures may be necessary for this purpose.

 

We have generally agreed to the standard data protection clauses issued by the EU Commission with the technology providers we use who process personal data in a third country. Where possible, we also agree on additional safeguards designed to ensure adequate data protection in the third countries without an adequacy decision.

 

Notwithstanding this, it may happen that, despite all contractual and technical measures, the level of data protection in the third country does not correspond to that of the EU. In these cases, we will ask you, if necessary, within the framework of the cookie consent, for your consent pursuant to Art. 49 (1) (a) GDPR to transfer your personal data to a third country.

There is a particular risk that local authorities in the third country may not be granted sufficiently restricted access rights to your personal data from a European data protection perspective, that we as the data exporter or you as the data subject may not be aware of this, and/or that you may not have sufficient legal remedies available to prevent this and/or take action against such access.

 

The following countries in particular are currently considered third countries without an adequacy decision from the EU Commission (example list):

 

China

 

Russia

 

Taiwan

 

You can find out which third countries we transfer data to in the privacy policy for the respective tool and/or service we use for consent management/Consent Manager Platform (CMP).

 

​

 

7. Use of Cookies and Other Technologies

 

If you have given your consent in accordance with Art. 6 (1) (a) GDPR, we use the following cookies and other third-party technologies on our website. Once the purpose no longer applies and we no longer use the respective technology, the data collected in this context will be deleted. You can revoke your consent at any time with future effect. Further information on your options for revoking your consent can be found in the "Cookies and Other Technologies" section. Further information, including the basis of our collaboration with the individual providers, can be found in the individual technologies. If you have any questions about the providers and the basis of our collaboration with them, please contact us using the contact details described in this Privacy Policy.

 

​

 

Other Providers of Web Analysis and Online Marketing Services

 

Use of AWIN for Online Marketing

 

We market space for third-party advertisements through our advertising partner AWIN AG, Landsberger Allee 104 BC, 10249 Berlin, Germany ("AWIN"). These advertisements will be displayed to you at various points on this website. Using cookies, AWIN can track the progress of each order and, in particular, verify that you clicked on the respective ad and then ordered the product. For this purpose, data (IP address, time of visit, device and browser information, as well as information about your use of our website) is collected, transmitted to AWIN, and processed by AWIN. We have no influence on this data processing. Data processing is carried out on the basis of an agreement between joint controllers in accordance with Art. 26 GDPR.

 

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection.

 

Our service providers are located and/or use servers in countries outside the EU and the EEA. There is no adequacy decision from the European Commission for these countries. Our cooperation with them is based on standard data protection clauses of the European Commission.

 

​

 

8. Integration of the Trusted Shops Trustbadge/other widgets

 

Provided you have given your consent in accordance with Art. 6 (1) (a) GDPR, Trusted Shops widgets are integrated into this website to display Trusted Shops services (e.g., quality seals, collected reviews) after an order.

 

The Trustbadge and the services advertised with it are offered by Trusted Shops AG, Subbelrather Str. 15C, 50823 Cologne ("Trusted Shops"), with whom we are jointly responsible for data protection pursuant to Art. 26 GDPR.

are safer. Within the scope of this privacy policy, we will inform you below about the essential contractual content pursuant to Art. 26 (2) GDPR.

 

In accordance with the joint controllership existing between us and Trusted Shops AG, please contact Trusted Shops with any data protection questions or to assert your rights using the contact options provided in the privacy policy. Regardless of this, you can always contact the controller of your choice. Your request will then be forwarded to the other controller for response if necessary.

 

​

 

8.1 Data processing when integrating the Trustbadge/other widgets

 

The Trustbadge is provided by a US CDN (Content Delivery Network) provider. An appropriate level of data protection is ensured by an adequacy decision of the EU Commission, which is available for the US here. Service providers used in the US are generally certified under the EU-US Data Privacy Framework (DPF). Further information can be found here. If service providers used are not certified under the DPF, standard contractual clauses have been concluded as a suitable guarantee.

 

When you access the Trustbadge, the web server automatically saves a so-called server log file, which also contains your IP address, the date and time of access, the amount of data transferred, and the requesting provider (access data), and documents the access. The IP address is anonymized immediately after collection so that the stored data cannot be assigned to you personally. The anonymized data is used primarily for statistical purposes and error analysis.

 

​

 

8.2 Data processing after order completion

 

If you have given your consent, the Trustbadge accesses the order information stored on your device (order total, order number, and any purchased product) and email address after the order has been completed, and your email address is hashed using a cryptographic one-way function. The hash value is then transmitted to Trusted Shops along with the order information in accordance with Art. 6 (1) (a) GDPR.

This is to check whether you are already registered for Trusted Shops services. If so, further processing will take place in accordance with the contractual agreement concluded between you and Trusted Shops. If you are not yet registered for the services or do not consent to automatic recognition via the Trustbadge, you will then have the opportunity to manually register for the services or to purchase protection within the scope of your existing user agreement.

 

For this purpose, after completing your order, the Trustbadge accesses the following information stored in the device you are using: order total, order number, and email address. This is necessary so that we can offer you buyer protection. The data will only be transmitted to Trusted Shops when you actively decide to purchase buyer protection by clicking on the corresponding button on the so-called Trustcard. If you decide to use the services, further processing will be governed by the contractual agreement with Trusted Shops pursuant to Art. 6 (1) (b) GDPR in order to complete your registration for Buyer Protection and secure your order, as well as to subsequently send you review invitations by email if necessary.

 

Trusted Shops uses service providers in the areas of hosting, monitoring, and logging. The legal basis is Art. 6 (1) (f) GDPR for the purpose of ensuring trouble-free operation. Processing may take place in third countries (USA and Israel). An appropriate level of data protection is ensured by an adequacy decision of the EU Commission, which is available for the USA here and for Israel here. Service providers from the USA are generally certified under the EU-U.S. Data Privacy Framework (DPF). Further information can be found here. If service providers are not certified under the DPF, standard contractual clauses have been concluded as a suitable guarantee.

 

​

 

9. Social Media

 

9.1 Social Buttons from Facebook (by Meta), X (formerly Twitter), Instagram (by Meta), WhatsApp

 

Our website uses social buttons from social networks. These are simply embedded as HTML links, so no connection to the servers of the respective provider is established when you visit our website. Clicking on one of the buttons opens the website of the respective social network in a new window of your browser. There you can, for example, click the Like or Share button.

9.2 Our online presence on Facebook (by Meta), X (formerly: Twitter), Instagram (by Meta)

 

If you have given your consent to this in accordance with Art. 6 (1) (a) GDPR to the respective social media operator, when you visit our online presence on the social media platforms listed above, your data will be automatically collected and stored for market research and advertising purposes, from which user profiles will be created using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are generally used for this purpose. Detailed information on the processing and use of data by the respective social media operator, as well as a contact option and your related rights and settings options for protecting your privacy, can be found in the privacy policies of the providers linked below. If you still need help in this regard, you can contact us.

 

Facebook (by Meta) is a service provided by Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland"). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Facebook (by Meta) is generally transferred to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there. Data processing when you visit a Facebook (by Meta) fan page is based on an agreement between joint controllers in accordance with Art. 26 GDPR. Further information (information on Insights data) can be found here.

 

Our service providers are located and/or use servers in the following countries, for which the European Commission has determined an adequate level of data protection by resolution: USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

 

There is a resolution of the European Commission regarding an adequate level of data protection for the USA as a basis for transferring data to third countries, provided that the respective service provider is certified. Certification is available.

 

Our service providers are located and/or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, and Mexico.

There is no adequacy decision from the European Commission for these countries. Our cooperation with you is based on these guarantees: European Commission standard data protection clauses.

 

X is a service provided by Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland ("X"). The information automatically collected by X about your use of our online presence on X is generally transferred to and stored on a server of X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

 

Our service providers are located and/or use servers in countries outside the EU and the EEA for which the European Commission has determined an adequate level of data protection.

 

Our service providers are located and/or use servers in countries outside the EU and the EEA. There is no adequacy decision from the European Commission for these countries. Our cooperation with them is based on standard data protection clauses of the European Commission.

 

Instagram (by Meta) is a service provided by Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland ("Meta Platforms Ireland"). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Instagram is generally transferred to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, CA 94025, USA, and stored there. Data processing when you visit an Instagram (by Meta) fan page is based on an agreement between joint controllers in accordance with Art. 26 GDPR. Further information (information on Insights data) can be found here.

 

Our service providers are located and/or use servers in the following countries for which the European Commission has determined an adequate level of data protection: USA, Canada, Japan, South Korea, New Zealand, United Kingdom, and Argentina.

 

A European Commission decision regarding an adequate level of data protection for the USA serves as the basis for transfers to third countries, provided the respective service provider is certified. Certification is available.

 

Our service providers are located and/or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, and Mexico.

There is no European Commission adequacy decision for these countries. Our cooperation with you is based on these guarantees:

Standard data protection clauses of the European Commission.

 

 

 

10. Contact options and your rights

10.1 Your rights

 

As a data subject, you have the following rights:

 

pursuant to Art. 15 GDPR, the right to request information about your personal data processed by us, to the extent specified therein;

 

pursuant to Art. 16 GDPR, the right to immediately request the rectification of inaccurate or incomplete personal data stored by us;

 

pursuant to Art. 17 GDPR, the right to request the erasure of your personal data stored by us, unless further processing is necessary

 

to exercise the right to freedom of expression and information;

 

to fulfill a legal obligation;

 

for reasons of public interest or

 

to assert, exercise, or defend legal claims;

 

pursuant to Art. 18 GDPR, the right to request the restriction of the processing of your personal data, provided that

 

the accuracy of the data is contested by you;

 

the processing is unlawful, but you refuse to delete it;

 

we no longer need the data, but you require it to assert, exercise, or defend legal claims, or

 

you have objected to the processing pursuant to Art. 21 GDPR;

 

pursuant to Art. 20 GDPR, you have the right to receive your personal data that you have provided to us in a structured, common, and machine-readable format or to request its transmission to another controller;

 

pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your habitual residence or place of work or our company headquarters for this purpose.

 

Right of Objection

 

If we process personal data as explained above to protect our legitimate interests, which prevail in the context of a balance of interests, you can object to this processing with future effect. If the processing is carried out for direct marketing purposes, you can exercise this right at any time as described above. If processing is carried out for other purposes, you only have the right to object if there are reasons related to your particular situation.

 

After exercising your right of objection, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves to assert, exercise, or defend legal claims.

 

This does not apply if the processing is carried out for direct marketing purposes. In this case, we will no longer process your personal data for this purpose.

 

10.2 Contact options

 

If you have any questions about the collection, processing, or use of your personal data, or if you wish to request information, correction, restriction, or deletion of data, or to revoke consent you have granted, or object to a specific use of your data, please contact us directly using the contact details in our legal notice.

​

​

​