Privacy Policy

1. An overview of data protection

General information

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data with which you can be personally identified. Detailed information on the subject of data protection can be found in our privacy policy listed below this text.

Data recording on this website
Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find the operator's contact details in the section “Note on the responsible party” in this privacy policy.

How do we record your data?

Some of your data is collected when you provide it to us. This may, for example, include data that you enter into a contact form.

Other data is collected automatically or after your consent when you visit the website through our IT systems. This mainly includes technical data (e.g., internet browser, operating system, or time of the page visit). The collection of this data takes place automatically as soon as you enter this website.

What are the purposes we use your data for?

Some of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior. If contracts can be concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders, or other inquiries.

What rights do you have regarding your data?

You have the right to receive information free of charge at any time about the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time with effect for the future. Furthermore, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority.

For this and any other questions regarding data protection, you can contact us at any time.

Analysis Tools and Tools from Third-Party Providers

There is a possibility that your browsing patterns will be statistically analyzed when your visit this website. Such analyses are performed primarily with what we refer to as analysis programs.

Detailed information about these analysis programs can be found in the following privacy policy.

2. Hosting and Content Delivery Networks (CDN)

We are hosting the content of our website at the following provider:

Shopify

Our online store is hosted on Shopify Inc., headquartered at 151 O’Connor Street, Ground floor, Ottawa, ON K2P 2L8, Canada. Shopify provides the e-commerce platform we use to offer our products and services. When you interact with our website, your personal data may be processed by Shopify in accordance with its privacy practices and applicable data protection laws.

Shopify stores and processes data on servers located in various countries, including Canada and the United States. Shopify is certified under the EU–U.S. Data Privacy Framework (DPF), ensuring compliance with European data protection standards for data transfers to the U.S.

For more information, please refer to Shopify’s privacy policy:
https://www.shopify.com/legal/privacy

Cloudflare

Shopify uses services provided by Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA, to improve security and website performance. Cloudflare operates a global content delivery network (CDN), which routes data traffic through Cloudflare’s servers. This helps load our website faster and provides protection against malicious activity (e.g., DDoS attacks).

In this context, Cloudflare may collect technical data such as IP addresses or browser details. These are used solely for the purpose of ensuring secure and efficient delivery of content.

The use of Cloudflare is based on our legitimate interest in maintaining a reliable and secure website (Art. 6(1)(f) GDPR). Data transfers to the USA are based on the EU–U.S. Data Privacy Framework and Standard Contractual Clauses issued by the European Commission.

For more details, see Cloudflare’s privacy policy:
https://www.cloudflare.com/privacypolicy/
DPF certification:
https://www.dataprivacyframework.gov/participant/5666

3. General Information and Mandatory Disclosures
Data Protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data are collected. Personal data is any data with which you can be personally identified. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this is done.

Please note that data transmission over the internet (e.g., when communicating by email) may have security vulnerabilities. Complete protection of data from access by third parties is not possible.

Information about the responsible party (referred to as the “controller” in the GDPR)

The data processing controller on this website is:

AS Activewear
Syed Shah
Becklemer Weg 11
45711 Datteln

Telefon: 049 1764 0523445
Email: service@as-activewear.de

The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g., names, email addresses, etc.).

Storage Duration

Unless a more specific storage period is stated within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you submit a legitimate request for deletion or revoke your consent to data processing, your data will be deleted—provided we have no other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, deletion will occur once these reasons no longer apply.

General information on the legal basis for the data processing on this website

If you have given consent to data processing, we process your personal data on the basis of Art. 6(1)(a) GDPR and, if special categories of data are processed, on the basis of Art. 9(2)(a) GDPR in conjunction with Art. 9(1) GDPR. In the case of explicit consent to the transfer of personal data to third countries, data processing is additionally based on Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or access to information on your end device (e.g., via device fingerprinting), data processing also takes place on the basis of § 25(1) TDDDG. Consent can be revoked at any time.

If your data is required for the performance of a contract or for pre-contractual measures, we process your data based on Art. 6(1)(b) GDPR. Furthermore, we process your data if it is necessary to comply with a legal obligation, based on Art. 6(1)(c) GDPR. Data processing may also take place on the basis of our legitimate interest pursuant to Art. 6(1)(f) GDPR.

The specific legal basis applicable in each individual case is explained in the following sections of this privacy policy.

Notice on Data Transfers to Third Countries Not Considered Safe Under Data Protection Law and Transfers to U.S. Companies Not Certified Under the DPF

We use tools provided by companies based in third countries that are not considered safe under data protection law, as well as U.S.-based tools whose providers are not certified under the EU-U.S. Data Privacy Framework (DPF). When these tools are active, your personal data may be transferred to and processed in these countries. Please note that in such countries, a level of data protection comparable to that of the EU cannot be guaranteed.

We also point out that the USA is generally considered a safe third country with a level of data protection comparable to that of the EU. Data transfers to the USA are permissible if the recipient is certified under the "EU-U.S. Data Privacy Framework" (DPF) or provides suitable additional safeguards. You can find more information on data transfers to third countries, including the recipients of the data, in this privacy policy.

Recipients of Personal Data

In the course of our business activities, we work with various external parties. This sometimes requires the transfer of personal data to these external entities. We disclose personal data to external parties only when it is necessary for contract fulfillment, when we are legally obligated to do so (e.g., transferring data to tax authorities), when we have a legitimate interest in the disclosure pursuant to Art. 6 (1)(f) GDPR, or when another legal basis permits the transfer. When we engage processors, we transfer our customers’ personal data solely on the basis of a valid data processing agreement. In cases of joint processing, a joint-processing agreement is concluded.

Revocation of your consent to the processing of data

A wide range of data processing transactions are possible only subject to your express consent. You can also revoke at any time any consent you have already given us. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.

Right to Object to Data Collection in Specific Cases and to Direct Advertising (Art. 21 GDPR)

IF DATA PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT, AT ANY TIME, TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION. THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE LEGAL BASIS FOR PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA AFFECTED UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR SUCH MARKETING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS ASSOCIATED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).

Right to Lodge a Complaint with the Competent Supervisory Authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, place of work, or the place of the alleged violation. The right to lodge a complaint exists without prejudice to other administrative or judicial remedies.

Right to Data Portability

You have the right to receive data that we process automatically based on your consent or in fulfillment of a contract, in a common, machine-readable format, either for yourself or for transfer to a third party. If you request the direct transfer of data to another controller, this will only be done if it is technically feasible.

Right to Access, Rectification, and Erasure

Within the scope of applicable legal provisions, you have the right at any time to obtain free information about your stored personal data, its origin and recipient, and the purpose of the data processing. You also have the right to request the correction or deletion of this data, if applicable. For this and other questions relating to personal data, you can contact us at any time.

Right to demand processing restrictions

You have the right to demand the imposition of restrictions as far as the processing of your personal data is concerned. To do so, you may contact us at any time. The right to demand restriction of processing applies in the following cases:

If you dispute the accuracy of the personal data we have stored about you, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was/is conducted unlawfully, you have the option to request the restriction of processing instead of requesting the deletion of the data.
If we no longer need your personal data, but you require it to exercise, defend, or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
If you have raised an objection pursuant to Art. 21(1) GDPR, your rights and our rights will have to be weighed against each other. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data.

If you have restricted the processing of your personal data, these data – with the exception of their archiving – may be processed only subject to your consent or to claim, exercise or defend legal entitlements or to protect the rights of other natural persons or legal entities or for important public interest reasons cited by the European Union or a member state of the EU.

SSL and/or TLS Encryption

For security reasons and to protect the transmission of confidential content—such as orders or inquiries you send to us as the website operator—this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser’s address bar.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Encrypted Payment Transactions on This Website

If, after concluding a contract that requires payment, there is an obligation to provide us with your payment details (e.g., account number for direct debit), these data are required for payment processing.

Payment transactions using common payment methods (e.g., Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognize such an encrypted connection by the change in the browser’s address line from “http://” to “https://” and by the lock symbol in your browser bar.

If the communication with us is encrypted, third parties will not be able to read the payment information you share with us.

Rejection of unsolicited e-mails

We hereby object to the use of the contact data published in accordance with the legal notice (imprint) obligation for sending advertising and information materials that have not been expressly requested. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example by spam e-mails.

4. Recording of data on this website

Cookies

Our website uses so-called "cookies." Cookies are small data packets that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit ends. Persistent cookies remain stored on your device until you delete them yourself or your web browser deletes them automatically.

Cookies can be set by us (first-party cookies) or by third-party companies (so-called third-party cookies). Third-party cookies allow the integration of certain services provided by third parties within websites (e.g., cookies for processing payment services).

Cookies serve various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g., the shopping cart function or displaying videos). Other cookies may be used to analyze user behavior or for advertising purposes.

Cookies that are necessary for carrying out the electronic communication process, for providing certain functions you request (e.g., the shopping cart function), or for optimizing the website (e.g., cookies for measuring the web audience) are stored on the basis of Art. 6(1)(f) GDPR unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of its services. If consent has been requested for the storage of cookies and similar recognition technologies, processing is carried out exclusively on the basis of this consent (Art. 6(1)(a) GDPR and § 25(1) TDDDG); the consent can be revoked at any time.

You can configure your browser to inform you about the setting of cookies, to allow cookies only in individual cases, to exclude the acceptance of cookies in certain cases or in general, and to enable the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.

You can find out which cookies and services are used on this website in this privacy policy.

Consent with Usercentrics

This website uses the Usercentrics consent technology to obtain your consent for the storage of certain cookies on your device or for the use of certain technologies and to document this in compliance with data protection regulations. The provider of this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, website: https://usercentrics.com/en/ (hereinafter referred to as “Usercentrics”).

When you enter our website, the following personal data is transferred to Usercentrics:

Your declaration(s) of consent or revocation of your consent(s)
Your IP address
Information about your browser
Information about your device
The date and time of your visit to our website
Geolocation

In addition, Usercentrics stores a cookie in your browser to associate the granted consents or their withdrawal. The collected data will be stored until you request us to delete it, you delete the Usercentrics cookie yourself, or the purpose for data storage no longer applies. Mandatory statutory retention obligations remain unaffected.

The Usercentrics banner on this website was configured using eRecht24. You can recognize this by the appearance of the eRecht24 logo in the banner. To display the eRecht24 logo in the banner, a connection is established to the eRecht24 image server. During this process, the IP address is also transmitted, but it is only stored in anonymized form in the server logs. The image server of eRecht24 is located in Germany with a German provider. The banner itself is provided solely by Usercentrics.

The use of Usercentrics takes place to obtain the legally required consents for the use of certain technologies. The legal basis for this is Art. 6(1)(c) GDPR.

Contract data processing

We have entered into a data processing agreement (DPA) for the use of the aforementioned service. This is a contract required by data protection law, which ensures that the service processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Server log files

The provider of these pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These include:

The type and version of browser used
The used operating system
Referrer URL
The hostname of the accessing computer
The time of the server inquiry
The IP address

This data is not merged with other data sources.

The collection of this data is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of their website – for this purpose, the server log files must be recorded.

Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact information you provide, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not share this data without your consent.

The processing of this data is based on Article 6(1)(b) GDPR if your request is related to the performance of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR) if this has been requested; consent can be revoked at any time.

The data you enter in the contact form will remain with us until you request its deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been fully processed). Mandatory statutory provisions – in particular, retention periods – remain unaffected.

Request by e-mail, telephone, or fax

If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.

The processing of this data is based on Article 6(1)(b) GDPR if your request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR), if this has been requested; consent can be revoked at any time.

The data you send to us via contact inquiries will remain with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your request has been fully processed). Mandatory legal provisions – in particular, statutory retention periods – remain unaffected.

Google Forms

We have integrated Google Forms into this website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as „Google”).

Google Forms allows us to create online forms to collect messages, inquiries, and other input from visitors to our website in a structured manner. All entries you make are processed on Google’s servers. Google Forms stores a cookie in your browser that contains a unique ID (NID cookie). This cookie stores various information, such as your language settings.

The use of Google Forms is based on our legitimate interest in efficiently and user-friendly handling of your inquiries (Art. 6(1)(f) GDPR). If consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG, to the extent the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

The data you enter into the form will remain with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., once your request has been fully processed). Mandatory legal provisions – especially retention periods – remain unaffected.

For more information, please refer to Google’s privacy policy: https://policies.google.com/

The company is certified under the EU-U.S. Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the United States intended to ensure compliance with European data protection standards when processing data in the U.S. Any company certified under the DPF commits to complying with these data protection standards. For more information, visit the provider’s page at:
https://www.dataprivacyframework.gov/
participant/5780

Registration on this website

You can register on this website to access additional features. The data entered during registration will be used solely for the purpose of using the respective offer or service for which you have registered. The mandatory fields requested during registration must be completed in full; otherwise, we will reject the registration.

To notify you of any important changes to the scope of our portfolio or in the event of technical modifications, we will use the email address provided during the registration process.

The processing of the data entered during registration is based on Article 6(1)(b) GDPR and serves the purpose of fulfilling the user agreement established by the registration and, if applicable, initiating further contracts.

The data collected during registration will be stored by us as long as you are registered on this website and will be deleted thereafter. Legal retention periods remain unaffected.

Comment Function on This Website

When using the comment function on this site, in addition to your comment, the time the comment was created, your email address, and—if you do not post anonymously—your chosen username will be stored.

Storage Period for Comments

Comments and related data will be stored and remain on this website until the content commented on is completely deleted or the comments must be deleted for legal reasons (e.g., offensive or unlawful content).

Legal basis

The storage of comments is based on your consent (Art. 6(1)(a) GDPR). You may revoke your consent at any time. A simple informal email to us is sufficient. The lawfulness of any data processing carried out prior to the revocation remains unaffected.

5. Social media

Facebook

Elements of the social network Facebook are integrated into this website. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. According to Facebook, the data collected is also transferred to the USA and other third countries.

An overview of the Facebook social media plugins can be found here:
https://developers.facebook.com/docs/plugins/?locale=de_DE

When a social media element is active, a direct connection is established between your device and the Facebook server. Facebook thereby receives information that you have visited this website with your IP address. If you click the Facebook “Like” button while logged into your Facebook account, you can link the content of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account. Please note that we, as the website operator, have no knowledge of the content of the data transmitted or how it is used by Facebook. For more information, please refer to Facebook’s privacy policy at:
https://de-de.facebook.com/privacy/explanation

The use of this service is based on your consent in accordance with Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be revoked at any time.

If personal data is collected on our website using the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). Joint responsibility is limited solely to the collection of the data and its transfer to Facebook. Any subsequent processing by Facebook is not part of the joint responsibility. The obligations jointly incumbent upon us have been set out in a joint processing agreement. The wording of this agreement can be found at:
https://www.facebook.com/legal/controller_addendum

According to this agreement, we are responsible for providing the data protection information when using the Facebook tool and for implementing the tool in a manner that is compliant with data protection laws. Facebook is responsible for the security of Facebook products. Data subject rights (e.g., access requests) regarding the data processed by Facebook can be asserted directly with Facebook. If you assert your data subject rights with us, we are obligated to forward your request to Facebook.

Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses. Details can be found at:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://de-de.facebook.com/help/566994660333381,
and https://www.facebook.com/policy.php

The company is certified under the EU-U.S. Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the United States intended to ensure compliance with European data protection standards when processing data in the U.S. Any company certified under the DPF commits to adhering to these data protection standards. More information is available at:
https://www.dataprivacyframework.gov/
participant/4452

Instagram

We have integrated functions of the public media platform Instagram into this website. These functions are being offered by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.

When the social media element is active, a direct connection is established between your device and the Instagram server. Instagram thereby receives information that you have visited this website.

If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking the Instagram button. This allows Instagram to associate your visit to this website with your user account. Please note that we, as the provider of this website, have no knowledge of the content of the transmitted data or its use by Instagram.

The use of this service is based on your consent according to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You may revoke your consent at any time.

If personal data is collected on our website using the tool described here and transferred to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). This joint responsibility is limited solely to the collection and transfer of the data to Facebook or Instagram. Any further processing by Facebook or Instagram after the transfer is not part of the joint responsibility. The mutual obligations have been outlined in a joint processing agreement. The wording of this agreement can be found at:
https://www.facebook.com/legal/controller_addendum

According to this agreement, we are responsible for providing the data protection information regarding the use of the Facebook or Instagram tools and for implementing them in a privacy-compliant manner on our website. Facebook is responsible for the data security of its Facebook and Instagram products. You can assert your data subject rights (e.g., access requests) regarding the data processed by Facebook or Instagram directly with Facebook. If you assert them with us, we are obligated to forward your request to Facebook.

Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://privacycenter.instagram.com/policy/, and
https://de-de.facebook.com/help/566994660333381

For more information, please refer to Instagram’s privacy policy:
https://privacycenter.instagram.com/policy/

The company is certified under the EU-U.S. Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the United States to ensure compliance with European data protection standards when processing data in the U.S. Any company certified under the DPF commits to complying with these standards. More information is available at:
https://www.dataprivacyframework.gov/
participant/4452

6. Analysis Tools and Advertising
Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies into our website. Google Tag Manager itself does not create user profiles, store cookies, or perform any independent analysis. It serves solely to manage and deploy the tools integrated via it. However, Google Tag Manager does collect your IP address, which may also be transmitted to Google's parent company in the United States.

The use of Google Tag Manager is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the quick and easy integration and management of various tools on the website. If corresponding consent has been requested, processing is carried out exclusively based on Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent may be revoked at any time.

Google Analytics

This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as page views, time spent on the site, operating systems used, and the user’s origin. These data are compiled into a user ID and assigned to the respective device of the website visitor.

Additionally, we can use Google Analytics to record your mouse and scroll movements and clicks. Furthermore, Google Analytics uses various modeling approaches to supplement the collected data and applies machine learning technologies for data analysis.

Google Analytics uses technologies that allow the recognition of the user for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). The information collected by Google about the use of this website is generally transmitted to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be revoked at any time.

Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses. Details can be found here:
https://privacy.google.com/businesses/
controllerterms/mccs/

IP Anonymization

IP anonymization in Google Analytics is activated on this website. This means that your IP address is shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activity, and provide other services relating to website and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.

Browser Plugin

You can prevent Google from collecting and processing your data by downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=en

For more information on how Google Analytics handles user data, please refer to Google's privacy policy:
https://support.google.com/analytics/
answer/6004245?hl=en

Data Processing Agreement

We have entered into a data processing agreement with Google and fully comply with the strict requirements of the German data protection authorities when using Google Analytics.

Google Analytics E-Commerce Tracking

This website uses the "E-Commerce Measurement" feature of Google Analytics. With the help of E-Commerce tracking, the website operator can analyze the purchasing behavior of visitors to improve their online marketing campaigns. This includes information such as completed orders, average order values, shipping costs, and the time from viewing to purchasing a product. These data may be aggregated by Google under a transaction ID that is assigned to the respective user or their device.

Google Ads

The website operator uses Google Ads, an online advertising program by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display advertisements in the Google search engine or on third-party websites when users enter certain search terms on Google (keyword targeting). Furthermore, targeted advertising can be shown based on user data held by Google (e.g., location data and interests) (audience targeting). As the website operator, we can evaluate this data quantitatively, for example by analyzing which search terms triggered our ads and how many clicks the ads received.

The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent may be revoked at any time.

Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses. Details can be found here:
https://policies.google.com/privacy/frameworks and
https://business.safety.google/controllerterms/

The company is certified under the EU-U.S. Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the United States to ensure compliance with European data protection standards when processing data in the U.S. Companies certified under the DPF commit to complying with these data protection standards. More information is available at:
https://www.dataprivacyframework.gov/
participant/5780

Google Ads Remarketing

This website uses functions of Google Ads Remarketing. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads Remarketing allows us to assign users who have interacted with our online content to specific target groups, so that interest-based advertising can be shown to them within the Google advertising network (remarketing or retargeting).

In addition, the target audiences created with Google Ads Remarketing can be linked to Google's cross-device functions. This way, interest-based, personalized advertising messages adapted to your usage and browsing behavior on one device (e.g., mobile phone) can also be displayed on one of your other devices (e.g., tablet or PC).

If you have a Google account, you can opt out of personalized advertising at the following link:
https://adssettings.google.com/anonymous?hl=de

The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent may be revoked at any time.

Further information and Google’s privacy policy can be found at:
https://policies.google.com/technologies/ads?hl=de

The company is certified under the EU-U.S. Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the United States to ensure compliance with European data protection standards when processing data in the U.S. Companies certified under the DPF commit to complying with these data protection standards. More information is available at:
https://www.dataprivacyframework.gov/
participant/5780

Google Conversion-Tracking

This website uses Google Conversion Tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google Conversion Tracking, Google and we can determine whether a user has performed certain actions. For example, we can evaluate which buttons were clicked how often and which products were viewed or purchased frequently. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and what actions they performed. However, we do not receive any information that could personally identify users. Google uses cookies or similar recognition technologies for identification.

The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be revoked at any time.

For more information on Google Conversion Tracking, please refer to Google’s Privacy Policy:
https://policies.google.com/privacy?hl=en

The company is certified under the EU-U.S. Data Privacy Framework (DPF). More information is available at:
https://www.dataprivacyframework.gov/
participant/5780

Meta Conversion API

We use the Meta Conversion API on this website. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Meta, data may also be transferred to the USA and other third countries.

The Meta Conversion API allows us to record visitor interactions with our website and transmit them to Meta to improve ad performance on Facebook and Instagram.

Data collected includes the time of access, the accessed web page, your IP address, your user agent, and possibly additional specific data (e.g., purchased products, cart value, and currency). A full list of possible data can be found here:
https://developers.facebook.com/docs/marketing-api/conversions-api/parameters

The use of this service is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be revoked at any time.

Where personal data is collected and transmitted to Meta via this tool, we and Meta Platforms Ireland Limited are jointly responsible for the processing (Art. 26 GDPR). Joint responsibility is limited to the collection and transfer of data. Subsequent processing by Meta is not part of this agreement. The obligations have been outlined in a joint processing agreement:
https://www.facebook.com/legal/controller_addendum

For privacy-related requests, please contact Meta directly. If you contact us, we are obliged to forward your request to Meta.

Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses. Details:
https://www.facebook.com/legal/EU_data_transfer_addendum
https://de-de.facebook.com/help/566994660333381

More information on how Meta handles your privacy:
https://de-de.facebook.com/about/privacy/

You can disable the “Custom Audiences” remarketing feature here:
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
(You must be logged in to Facebook.)

If you do not have a Facebook or Instagram account, you can disable usage-based advertising from Meta here:
http://www.youronlinechoices.com/de/
praferenzmanagement/

Meta is certified under the EU-U.S. Data Privacy Framework. More info:
https://www.dataprivacyframework.gov/
participant/4452

7. Plug-ins and Tools

Google Fonts

This site uses Google Fonts provided by Google for the uniform display of fonts. When you open a page, your browser loads the required fonts into your browser cache to display texts and fonts correctly.

To do this, the browser you are using must establish a connection with Google's servers. This gives Google knowledge that this website was accessed via your IP address. The use of Google Fonts is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on their website. If consent has been requested, processing is carried out exclusively based on Art. 6(1)(a) GDPR and § 25(1) TDDDG, as far as the consent includes the storage of cookies or access to information in the user’s device (e.g., device fingerprinting). Consent may be revoked at any time.

If your browser does not support Google Fonts, a default font from your computer will be used.

For more information about Google Fonts, see:
https://developers.google.com/fonts/faq
and Google's privacy policy:
https://policies.google.com/privacy?hl=en

Google is certified under the EU-U.S. Data Privacy Framework:
https://www.dataprivacyframework.gov/
participant/5780

hCaptcha

To protect our website from spam and abuse, Shopify uses hCaptcha, a service provided by Intuition Machines, Inc., 350 Alabama St, San Francisco, CA 94110, USA. hCaptcha is integrated into forms such as login or contact fields to determine whether actions are performed by a human or an automated program (bot).

The analysis may include information such as mouse movements, time spent on the website, and technical browser details. This data is processed solely for security purposes and is not used for advertising.

The legal basis for using hCaptcha is Art. 6(1)(f) GDPR, our legitimate interest in protecting our website against misuse. For more information, see hCaptcha’s privacy policy:
https://www.hcaptcha.com/privacy

8. eCommerce and Payment Providers

Processing of Customer and Contract Data

We collect, process, and use personal customer and contract data for the initiation, content structuring, and modification of our contractual relationships. Personal data regarding the use of this website (usage data) is collected, processed, and used only to the extent necessary to enable the user to utilize the service or for billing purposes. The legal basis for this is Art. 6(1)(b) GDPR.

Collected customer data will be deleted after completion of the order or termination of the business relationship and after the expiration of any statutory retention periods. Statutory retention periods remain unaffected.

Data Transfer Upon Contract Conclusion for Online Shops, Merchants, and Shipping

When you order goods from us, we transmit your personal data to the shipping company commissioned with the delivery and to the payment service provider commissioned with the payment processing. Only the data necessary for fulfilling each party’s task will be transferred. The legal basis for this is Art. 6(1)(b) GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

If you have given your consent pursuant to Art. 6(1)(a) GDPR, we will pass on your email address to the shipping company so that it can notify you by email about the shipping status of your order. You may revoke this consent at any time.

Payment Services

We integrate payment services from third-party companies on our website. When you make a purchase from us, your payment data (e.g., name, payment amount, bank details, credit card number) is processed by the payment service provider for the purpose of payment processing. These transactions are subject to the contractual and data protection policies of the respective providers.

The use of these payment service providers is based on Art. 6(1)(b) GDPR (contract performance) and our legitimate interest in ensuring a smooth, convenient, and secure payment process (Art. 6(1)(f) GDPR). Where consent is requested for certain actions, the legal basis is Art. 6(1)(a) GDPR; consent may be revoked at any time.

We use the following payment services/providers on this website:

PayPal
Provider: PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg

Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses. Details:
https://www.paypal.com/de/webapps/
mpp/ua/pocpsa-full
Privacy policy:
https://www.paypal.com/de/webapps/
mpp/ua/privacy-full

Apple Pay
Provider: Apple Inc., Infinite Loop, Cupertino, CA 95014, USA
Privacy policy:
https://www.apple.com/legal/privacy/de-ww/

Google Pay
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy policy:
https://policies.google.com/privacy

Stripe
Provider for customers in the EU: Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland

Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses.
Details:
https://stripe.com/de/privacy
https://stripe.com/de/guides/general-data-protection-regulation

giropay
Provider: paydirekt GmbH, Stephanstraße 14–16, 60313 Frankfurt am Main, Germany
Privacy policy:
https://www.paydirekt.de/agb/index.html

Mastercard
Provider: Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium

Mastercard may transfer data to its parent company in the USA. Data transfer is based on Mastercard’s Binding Corporate Rules.
Details:
https://www.mastercard.de/de-de/datenschutz.html
https://www.mastercard.us/content/dam/mccom/
global/documents/mastercard-bcrs.pdf

VISA
Provider: Visa Europe Services Inc., Branch Office London, 1 Sheldon Square, London W2 6TT, United Kingdom

The UK is considered a data protection-compliant third country, meaning it provides an adequate level of data protection equivalent to that in the EU.
VISA may transfer data to its parent company in the USA. Data transfer is based on the EU Commission’s Standard Contractual Clauses.
Details:
https://www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zu-zustandigkeitsfragen-fur-den-ewr.html

Wishlist

Shopping Cart Get shipping estimated

Most searched for today