Privacy policy

Status 03.04.2024

The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is

LIVE FAST DIE YOUNG Clothing GmbH

Schloßstraße 57

40477 Düsseldorf, Germany

Düsseldorf, Germany

+49 (0) 211 361 89449

info@pesoclo.com

https://pesoclo.com/

Contacting the data protection officer

The data protection officer of the controller is

DataCo GmbH

Nymphenburger Str. 86

80636 Munich

Munich, Germany

+49 89 7400 45840
www.dataguard.de

General information on data processing

On this page we inform you about the processing of your personal data on the website.

How we collect and use your personal data depends on how you interact with us or which services you use. We only collect, use or share your personal data if we have a legitimate purpose and a legal basis for doing so.

What do we mean by legal basis?

Consent (Art. 6 para. 1 sentence 1 lit. a GDPR)-You have given us your consent to process your personal data for the specific purpose we have explained to you. You have the right to withdraw your consent at any time. To do so, please contact the data protection officer using the contact details below.

Contract (Art. 6 para. 1 sentence 1 lit. b GDPR) -We need to use your data to fulfill a contract you have with us. Alternatively, it is necessary to use your data because we have asked you to do so or you have taken certain steps yourself before entering into this contract.

Legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR) - We must use your data to comply with the law.

Vital interests (Art. 6 para. 1 sentence 1 lit. d GDPR) -The processing of your data is necessary to protect your vital interests or those of another person. For example, to protect you from serious physical harm.

Public task (Art. 6 para. 1 sentence 1 lit. e GDPR)) -The processing of your data is necessary for the performance of a task carried out in the public interest or because it is covered by a task defined by law, e.g. for a statutory function.

Legitimate interests (Art. 6 para.1 p.1 lit. f GDPR) -The processing of your data is necessary to support a legitimate interest that we or another party have, only if your own interests do not prevail.

Please note that we may not be able to provide you with our web store if your data is processed as part of the fulfillment of a contract or a legal obligation and you do not provide the requested data.

Your rights

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

1. The right to information (Art. 15 GDPR)

You have the right to request confirmation from us as to whether personal data concerning you is being processed; if this is the case, you have a right to information about this data and to the following information:

• Processing purposes
• Categories of personal data
• Recipients or categories of recipients
• the planned storage period or the criteria for determining this period
• the existence of the rights to rectification, erasure, restriction or objection
• Right to lodge a complaint with the competent supervisory authority
• If applicable, origin of the data (if collected from a third party)
• If applicable, the existence of automated decision-making including profiling with meaningful information about the logic involved, the scope and the expected effects
• If applicable, transfer of personal data to a third country or international organization

1. Right to rectification (Art. 16 GDPR)

If your personal data is incorrect or incomplete, you have the right to request that the personal data be corrected or completed without undue delay.

1. Right to restriction of processing (Art. 18 GDPR)

If one of the following conditions is met, you have the right to request that the processing of your personal data be restricted:

• You contest the accuracy of your personal data, for a period enabling us to verify the accuracy of the personal data.
• In the case of unlawful processing, you oppose the erasure of the personal data and request the restriction of their use instead.
• We no longer need your personal data for the purposes of the processing, but you require your personal data for the establishment, exercise or defense of legal claims, or
• after you have lodged an objection to the processing, for the duration of the examination as to whether our legitimate reasons outweigh your reasons.

1. Right to erasure ("right to be forgotten") (Art. 17 GDPR)

If one of the following reasons applies, you have the right to demand that your personal data be erased without undue delay

• Your data is no longer necessary for the processing purposes for which it was originally collected.
• You withdraw your consent and there is no other legal basis for the processing.
• You object to the processing and there are no overriding legitimate grounds for the processing or you object pursuant to Art. 21 (2) GDPR.
• Your personal data is processed unlawfully.
• The deletion is necessary to fulfill a legal obligation under Union law or the law of the member state to which we are subject.
• The personal data was collected in relation to information society services offered in accordance with Article 8 (1) GDPR.

Please note that the above reasons do not apply if processing is necessary:

• For exercising the right of freedom of expression and information;
• For compliance with a legal obligation or for the performance of a task carried out in the public interest to which we are subject.
• For reasons of public interest in the area of public health.
• For archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.
• For the establishment, exercise or defense of legal claims.

1. Right to data portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller.

1. Right to object to certain data processing (Art. 21 GDPR)

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR. This also applies to profiling based on these provisions.

If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

1. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

A list of the locally responsible supervisory authorities in Germany can be found on the website of the Federal Commissioner for Data Protection at the following linkhttps://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

Data sharing and international transfer

As explained in this Privacy Policy, we use various service providers to help us provide our services and keep your data secure. When we use these service providers, it is necessary for us to share your personal data with them.

If your personal data is transferred outside the EU, we will ensure that your personal data receives an equivalent level of protection, either because the country to which your data is transferred has an "adequate" standard of data protection according to the European Commission, or by using another safeguard, such as an enhanced contractual arrangement, i.e. the Standard Contractual Clauses (SCCs) adopted by the European Commission.

For example, when we use US service providers, we rely on either the SCCs or the EU-US Data Protection Framework, depending on the provider.

Provision of the website and creation of log files

1. Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.

The following data is collected:

• Information about the browser type and version used

• The user's operating system

• The user's internet service provider

• Date and time of access

• Websites from which the user's system accesses our website

• Websites that are accessed by the user's system via our website

This data is stored in the log files of our system.

This data is not stored together with other personal data of the user.

1. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.

The data is stored in log files to ensure the functionality of the website. We also use the data to optimize the website and to ensure the security of our information technology systems. The data is not analyzed for marketing purposes in this context.

1. Legal basis for data processing

The legal basis for the temporary storage of data and log files is Art. 6 para. 1 sentence 1 lit. f GDPR.

1. Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or anonymized so that it is no longer possible to identify the accessing client.

1. Possibility of objection

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. The user can object to this. Whether the objection is successful must be determined as part of a weighing of interests.

Use of cookies

1. Description and scope of data processing, purpose, legal basis

When you visit our website, we use technical aids for various functions, in particular cookies, which can be stored on your end device. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.

When you access our website and at any time thereafter, you have the choice of whether you generally allow cookies to be set or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager make.

We use technically necessary cookies that are required for the technical structure of the website. Without these cookies, our website cannot be displayed (completely correctly) or the support functions are not possible. We also use cookies that are not technically necessary. Cookies that are not technically necessary are text files that are not only used for the functionality of the website, but also collect other data.

Information on cookies used:

Name	Provider	Storage period (days)	Purpose of cookie	Legal basis
_fbp	Facebook Ireland Ltd.	90	Analysis of the user behavior	Art. 6 para. 1 sentence 1 lit. a GDPR
_ga	Google Ireland Ltd.	730	Analysis of the user behavior	Art. 6 para. 1 sentence 1 lit. a GDPR
_gat	Google Ireland Ltd.	730	Analysis of the user behavior	Art. 6 para. 1 sentence 1 lit. a GDPR
_gcl_au	Google Ireland Ltd.	90	Analysis of the user behavior	Art. 6 para. 1 sentence 1 lit. a GDPR
_gid	Google Ireland Ltd.	1	Analysis of the user behavior	Art. 6 para. 1 sentence 1 lit. a GDPR
_landing_page	Shopify	14	Tracking of landing pages.	Art. 6 para. 1 sentence 1 lit. a GDPR
_orig_referrer	Shopify	14	Tracking of landing pages.	Art. 6 para. 1 sentence 1 lit. a GDPR
_s	Shopify	< 1	Shopify analytics.	Art. 6 para. 1 sentence 1 lit. a GDPR
_shopify_country	Shopify	0	Used in connection with the checkout.	Art. 6 para. 1 sentence 1 lit. f GDPR
_shopify_e	Shopify	session	Shopify analytics.	Art. 6 para. 1 sentence 1 lit. a GDPR
_shopify_evids	Shopify	session	Shopify analyses.	Art. 6 para. 1 sentence 1 lit. a GDPR
_shopify_m	Shopify	365	Used to manage the customer's privacy settings	Art. 6 para. 1 sentence 1 lit. f GDPR
_shopify_s	Shopify	< 1	Shopify analytics.	Art. 6 para. 1 sentence 1 lit. a GDPR
_shopify_sa_p	Shopify	< 1	Shopify analytics in relation to marketing & recommendations.	Art. 6 para. 1 sentence 1 lit. a GDPR
_shopify_sa_t	Shopify	< 1	Shopify analytics related to marketing & recommendations.	Art. 6 para. 1 sentence 1 lit. a GDPR
_shopify_tm	Shopify	< 1	Used for the management of customer privacy settings	Art. 6 para. 1 sentence 1 lit. a GDPR
_shopify_tw	Shopify	14	Used for the management of the customer's privacy settings	Art. 6 para. 1 sentence 1 lit. f GDPR
_shopify_y	Shopify	365	Shopify analytics.	Art. 6 para. 1 sentence 1 lit. a GDPR
_tracking_consent	Shopify	365	Tracking settings	Art. 6 para. 1 sentence 1 lit. f GDPR
_y	Shopify	365	Shopify analytics.	Art. 6 para. 1 sentence 1 lit. a GDPR
cart_currency	Shopify	14	Used in connection with the shopping cart.	Art. 6 para. 1 sentence 1 lit. f GDPR
cart_sig	Shopify	14	Used in connection with the checkout.	Art. 6 para. 1 sentence 1 lit. f GDPR
cookieconsent_preferences _disabled	Live Fast Die Young	365	Used to manage the customer's privacy settings	Art. 6 para. 1 sentence 1 lit. f GDPR
cookieconsent_status	Live Fast Die Young	365	Used to manage the customer's data protection settings	Art. 6 para. 1 sentence 1 lit. f GDPR
locale_bar_accepted	Shopify	session	Used for setting the currency	Art. 6 para. 1 sentence 1 lit. f GDPR
secure_customer_sig	Shopify	365	Used in connection with the customer login.	Art. 6 para. 1 sentence 1 lit. f GDPR
shopify_pay_redirect	Shopify	< 1	Used in connection with the checkout.	Art. 6 para. 1 sentence 1 lit. f GDPR
_shg_user_id	Shopify App: Shogun	1825	Analysis of user behavior on landing pages	Art. 6 para. 1 sentence 1 lit. a GDPR
_shg_session_id	Shopify App: Shogun	session	Analysis of user behavior on landing pages	Art. 6 para. 1 sentence 1 lit. a GDPR
localization	Shopify	14	Used in connection with the localization of the checkout	Art. 6 para. 1 sentence 1 lit. f GDPR
__zlcmid	Zendesk	365	Is required for our Zendesk support chat. Saves the visitor's ID to authenticate the widget.	Art. 6 para. 1 sentence 1 lit. a GDPR
cart_ver	Shopify	14	Used in connection with the shopping cart.	Art. 6 para. 1 sentence 1 lit. f GDPR
cart_ts	Shopify	14	Used in connection with the checkout.	Art. 6 para. 1 sentence 1 lit. f GDPR
cart	Shopify	14	Used in connection with the shopping cart.	Art. 6 para. 1 sentence 1 lit. f GDPR
_cmp_a	Shopify	1	Used to manage the customer's privacy settings.	Art. 6 para. 1 sentence 1 lit. f GDPR
keep_alive	Shopify	1	Used in connection with buyer localization.	Art. 6 para. 1 sentence 1 lit. f GDPR
__zlcstore	Zendesk	Always	Is required for our Zendesk support chat. Saves the visitor's account settings locally.	Art. 6 para. 1 sentence 1 lit. a GDPR
__zlcid	Zendesk	365	Is required for our Zendesk support chat. Saves the visitor's ID for authentication of the chat widget.	Art. 6 para. 1 sentence 1 lit. a GDPR
wpm-domain-test	Shopify	session	Necessary for the security of the website.	Art. 6 para. 1 sentence 1 lit. f GDPR
cookietest	Shopify	session	This cookie is used to determine whether the visitor has accepted the cookie consent box.	Art. 6 para. 1 sentence 1 lit. f GDPR
AWSALBCORS	Amazon	7	Even load distribution on the serverserver	Art. 6 para. 1 sentence 1 lit. f GDPR
__kla-id	Klaviyo	2 years (Safari 7 days)	Tracks and identifies users by means of an ID.	Art. 6 para. 1 sentence 1 lit. a GDPR
_hjSession_3275780	Hotjar	30 minutes	Contains current session data	Art. 6 para. 1 sentence 1 lit. f GDPR
_hjSessionUser_3275780	Hotjar	365 days	Retains the Hotjar user ID, which is unique to the for the website.	Art. 6 para. 1 sentence 1 lit. a GDPR
tracked_start_checkout	Shopify	365 days	Is in connection with the checkoutW	Art. 6 para. 1 sentence 1 lit. f GDPR
_tt_enable_cookie	TikTok	13 months	Tracked the user behavior for marketing purposes.	Art. 6 para. 1 sentence 1 lit. a GDPR
_ttp	TikTok	1 year	Tracks the use of embedded services	Art. 6 para. 1 sentence 1 lit. a GDPR
Easysize_button_loaded_for_user	EasySize	session	Extended functionality - size finder	Art. 6 para. 1 sentence 1 lit. f GDPR
Espageview	EasySize	session	Extended functionality - size finder	Art. 6 para. 1 sentence 1 lit. f GDPR
esui	EasySize	14 years	Extended functionality - size finder	Art. 6 para. 1 sentence 1 lit. f GDPR
klaClosedPopup	Klaviyo	1 year	Saves whether the pop Up has been closed	Art. 6 para. 1 sentence 1 lit. f GDPR
_checkout_queue_checkout_token	Shopify	0 days	Used in connection with the checkout	Art. 6 para. 1 sentence 1 lit. f GDPR
_checkout_queue_token	Shopify	0 days	Used in connection with the checkout	Art. 6 para. 1 sentence 1 lit. f GDPR
_ga_7JR37HF8RD	Google Analytics	1 year	Stores and counts page views	Art. 6 para. 1 sentence 1 lit. a GDPR
_ga_081S4D5Z8J	Google Analytics	1 year	Saves and counts page views	Art. 6 para. 1 sentence 1 lit. a GDPR
_ga_EQX4BJHGC7	Google Analytics	1 year	Saves and counts page views	Art. 6 para. 1 sentence 1 lit. a GDPR
_orig_referrer	Shopify	session	Is used in connection with the shopping cartt.	Art. 6 para. 1 sentence 1 lit. f GDPR
_secure_session_id	Shopify	1 tag	Used to navigate through the store	Art. 6 para. 1 sentence 1 lit. f GDPR
_shopify_ga	Shopify & Google Analytics	2 years	Data analysis	Art. 6 para. 1 sentence 1 lit. a GDPR
checkout	Shopify	21 days	Used in connection with the checkout	Art. 6 para. 1 sentence 1 lit. f GDPR
checkout_legacy	Shopify	0 days	Used in connection with the checkout	Art. 6 para. 1 sentence 1 lit. f GDPR
checkout_token	Shopify	1 day	Used in connection used in connection with the checkout	Art. 6 para. 1 sentence 1 lit. f GDPR
checkout_token_legacy	Shopify	0 days	Used in connection with the checkout	Art. 6 para. 1 sentence 1 lit. f GDPR
mdApp_countryCodeDomain	Orbe		Used in connection with location determination.
tracked_start_checkout	Shopify	364 days	Is used in connection with the checkout	Art. 6 para. 1 sentence 1 lit. f GDPR
from	Shopify	session	Is used in connectiong with admin access.	Art. 6 para. 1 sentence 1 lit. f GDPR
storefront_digest	Shopify	session	Used in connection with the customer login	Art. 6 para. 1 sentence 1 lit. f GDPR
identity_state	Shopify		Used in connection with customer authentication	Art. 6 para. 1 sentence 1 lit. f GDPR
identity_customer_account_number	Shopify		Used in connection with customer authentication	Art. 6 para. 1 sentence 1 lit. f GDPR
__atuvc	AddThis	13 months	Tracked Interactions onon the website.	Art. 6 para. 1 sentence 1 lit. a GDPR
__atuvs	AddThis	1 year	Tracked interactions on the website.	Art. 6 para. 1 sentence 1 lit. a GDPR
__utma	Google Analytics	Unlimited	This cookie contains information about when the visitor first visited the site, how often they visited it and when they last visited it	Art. 6 para. 1 sentence 1 lit. a GDPR
GPS	YouTube	session	Collection of customer-related data	Art. 6 para. 1 sentence 1 lit. a GDPR
PREF	YouTube	8 months	Storage of user preferences	Art. 6 para. 1 sentence 1 lit. f GDPR
_shopify_fs	Shopify	2 years	Collects data on the behavior and interaction of visitors	Art. 6 para. 1 sentence 1 lit. a GDPR
_shopify_uniq	Shopify	1 day	The cookie is used to track the numberl of a user's visits is counted.	Art. 6 para. 1 sentence 1 lit. a GDPR
_shopify_visit	Shopify	30 minutes	The cookie is used to count the number of visitsevisitors are counted	Art. 6 para. 1 sentence 1 lit. a GDPR
customer_auth_provider	Shopify		Analytical purposes	Art. 6 para. 1 sentence 1 lit. a GDPR
customer_auth_session_created_at	Shopify		Analytical purposes	Art. 6 para. 1 sentence 1 lit. a GDPR
_gads	Google DoubleClick	13 months	Advertising purposes and retargeting	Art. 6 para. 1 sentence 1 lit. a GDPR
IDE	Google DoubleClick	2 years	Advertising purposes and retargeting	Art. 6 para. 1 sentence 1 lit. a GDPR
BizoID	LinkedIn	180 days	User-based content	Art. 6 para. 1 sentence 1 lit. a GDPR
_fbc	Facebook	2 years	Saves the last visit	Art. 6 para. 1 sentence 1 lit. a GDPR
__ar_v4	Adroll	Permanent	Is in connection with AdRoll	Art. 6 para. 1 sentence 1 lit. a GDPR
__adroll	AdRoll	6 months	Is in connection with AdRoll	Art. 6 para. 1 sentence 1 lit. a GDPR
__adroll_v4	AdRoll	Session	Is in connection with AdRoll	Art. 6 para. 1 sentence 1 lit. a GDPR
__adroll_fpc	AdRoll	12 months	Is in connection with AdRoll	Art. 6 para. 1 sentence 1 lit. a GDPR
__cfduid(no longer active)	Cloudflare	30 days	Defense against malicious visitors (Protection against bots)	Art. 6 para. 1 sentence 1 lit. f GDPR

The user data collected in this way is pseudonymized by technical precautions. It is therefore no longer possible to assign the data to the accessing user. The data is not stored together with other personal data of the user.

The user data collected by technically necessary cookies is not used to create user profiles.

1. Legal basis for data processing

The respective legal basis for the processing of cookies can be found in the table above.

The provisions of the Telecommunications and Telemedia Data Protection Act (TTDSG) apply to the storage of information in the end user's terminal equipment and/or access to information already stored in the end user's terminal equipment. If the setting and reading of cookies is technically necessary, this is done to ensure the functionality of our website. In this case, cookies are stored and accessed on your terminal equipment on the basis of § 25 para. 2 no. 2 TTDSG. The purpose of storing and accessing the information in your end device is to make it easier for you to use our website and to be able to offer you our services as you have requested. Some functions of our website do not work without the use of these cookies and could therefore not be offered. The cookies are generally deleted at the end of the session (e.g. logging out or closing the browser) or after a specified period of time. Information on different storage periods for cookies can be found in the following sections of this privacy policy.

If cookies are used that are not technically necessary, this is done on the basis of your express consent, which you can give via the cookie banner. The basis for the storage and access to information in this case is § 25 para. 1 TTDSG in conjunction with. Art. 6 para. 1 lit. a), Art. 7 GDPR. You can revoke your consent at any time with effect for the future or subsequently grant it again by configuring your cookie settings accordingly. Alternatively, you can prevent the storage of cookies by making the appropriate settings in your browser software. Please note that the browser settings you make only apply to the browser you are using. If personal data is processed following the storage of and access to the information on your end device, the provisions of the GDPR apply. You can find information on this in the following sections of this privacy policy.

1. Objection and deletion

You can withdraw your consent to the use of cookies at any time and manage your consent preferences at the following link: https://pesoclo.com/#cc-settings

Registration

1. Description and scope of data processing

On our website, we offer users the opportunity to register by providing personal data. The data is entered into an input mask and transmitted to us and stored. The data is not passed on to third parties. The following data is collected as part of the registration process:

• Email address

• Surname

• First name

• Date and time of registration

2. purpose of data processing

Registration of the user is required to fulfill a contract with the user or to carry out pre-contractual measures.

1. Legal basis for data processing

If the registration serves the fulfillment of a contract to which the user is a party or the implementation of pre-contractual measures, the additional legal basis for the processing of the data is Art. 6 para. 1 sentence 1 lit. b GDPR.

1. Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.

This is the case for the data collected during the registration process for the fulfillment of a contract or for the implementation of pre-contractual measures if the data is no longer required for the execution of the contract. Even after conclusion of the contract, it may be necessary to store personal data of the contractual partner in order to fulfill contractual or legal obligations.

1. Possibility of revocation in the event of consent

As a user, you have the option of canceling your registration at any time. You can have the data stored about you amended at any time.

Specifically, you can request deletion in the following ways:

You have the right to request that we erase your personal data under the conditions of Art. 17 (1) GDPR. However, this right does not exist in particular if the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims. To request erasure, please contact support@livefastdieyoung.de.

If the data is required to fulfill a contract or to carry out pre-contractual measures, premature deletion of the data is only possible insofar as contractual or legal obligations do not prevent deletion.

Webshop

We offer a web store on our website.

For this purpose, we use the Software as a Service (SaaS) rental store system of a service provider commissioned by us.

The name of our rental store system and the name and address of the service provider are

Shopify of the provider Shopify International Limited, 1-2 Haddington Road, D04 XN32, Dublin , Ireland (hereinafter referred to as Shopify).

Further information can be found in the provider's privacy policy:

https://www.shopify.de/legal/datenschutz

Further information can be found in the provider's privacy policy:

The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is

• Information about the browser type and version used

• The user's operating system

• The user's internet service provider

• Date and time of access

• Websites from which the user's system accesses our website

• Websites that are accessed by the user's system via our website

This data is not merged with other data sources. This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - the server log files must be recorded for this purpose.

We have concluded an order processing contract with the relevant service provider, in which we oblige the relevant service provider to protect user data and not to pass it on to third parties.

The website server is geographically located in Ireland.

Order processing

1. Description and scope of data processing
   Orders can be placed via the customer account or as a guest. The order process starts by submitting the order. As soon as the order is reported as paid by the payment service provider, the order is sent to our internal logistics department and is then dispatched and delivered by the postal service provider.

As part of the operation of our company, we process your data using our IT systems. In some cases, we use external service providers to process your data.

1. 
   Purpose of data processing
   Your personal data is processed for the following purposes as part of the existing customer relationship and when you place an order via our online store:

• To prepare and carry out pre-contractual measures
• To add your contact details to our customer database.
• To fulfill our contractual obligations arising from the purchase contract with you. For this purpose, we pass on your personal data to shipping companies, among others, in order to ensure smooth delivery of the goods.
• To provide you with the best possible information about our products and services. This also includes sending you (direct) advertising by e-mail or post.
• To ensure smooth billing of the services provided.
• To comply with our legal obligations.
• To provide you, our customer, with the best possible service. This includes, in particular, communicating with you by e-mail, mobile phone, landline or fax.
• To fulfill post-contractual measures.
• To assert, exercise or defend legal claims.

1. Legal basis for data processing
   We process the data provided to us for the performance of the contract and, depending on the desired payment method, for a pre-contractual check and for any processing of warranty claims. The legal basis for this can be found in Art. 6 para. 1 c) and f) GDPR. In addition, the service providers we use (such as logistics companies, payment intermediaries) receive the necessary data about you or your order. Depending on the chosen payment method, we also carry out credit checks.
2. 
   Duration of storage
   The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.
   This is the case for the data collected during the registration process to fulfill a contract or to carry out pre-contractual measures if the data is no longer required for the execution of the contract. Even after conclusion of the contract, it may be necessary to store personal data of the contractual partner in order to comply with contractual or legal obligations.
3. 
   Possibility of revocation
   As a user, you have the option of canceling your registration at any time.
   If the data is required to fulfill a contract or to carry out pre-contractual measures, premature deletion of the data is only possible insofar as contractual or legal obligations do not prevent deletion.

Payment options

1. Description and scope of data processing

We offer our customers various payment options for processing their orders. Depending on the payment option, we redirect customers to the platform of the relevant payment service provider. After completing the payment process, we receive the customer's payment data from the payment service providers or our house bank and process it in our systems for invoicing and accounting purposes.

Payment via Klarna

It is possible to process the payment transaction with the payment service provider Klarna.

Klarna is a payment service provider that enables purchase on account or payment by installments.

The European operating company of Klarna is Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden.

If you select "purchase on account" or "installment purchase" as a payment option as part of the transaction via Klarna, your personal data will be automatically transmitted to Klarna. The personal data transmitted to Klarna is in particular

• First name
• Surname
• your address
• Date of birth
• gender
• Email address
• IP address
• Telephone/mobile phone number
• Bank details
• Credit card number incl. expiry date and CVC code
• Number of items
• Item number
• Data on goods and/or services
• Transaction amount and tax charges

The transmission of the data is intended in particular for identity verification, payment administration and fraud prevention. The personal data exchanged between Klarna and us may be transmitted by Klarna to credit agencies.

The purpose of this transfer is to check identity and creditworthiness. Klarna may also pass on the personal data to affiliated companies (Klarna Group) and service providers or subcontractors if this is necessary to fulfill the contractual obligations or if the data is to be processed on behalf of Klarna.

Further information on the processing of your data by Klarna can be found in Klarna's privacy policy at

https://www.klarna.com/de/datenschutz/

Payment by credit card

It is possible to complete the payment process by credit card.

If you have selected payment by credit card, payment data will be forwarded to payment service providers for payment processing. All payment service providers comply with the Payment Card Industry (PCI) Data Security Standards and have been certified by an independent PCI Qualified Security Assessor.

The following data is regularly transmitted as part of payment by credit card:

• Purchase amount
• Date and time of purchase
• First name and surname
• Your address
• e-mail address
• Credit card number
• Credit card expiry date
• Security code (CVC)
• IP address
• Telephone number / mobile phone number

Payment data is forwarded to the following payment service providers:

• ShopifyPayments of the provider

Shopify International Ltd
Victoria Buildings
2. Floor, 1-2 Haddington Road
Dublin 4, D04 XN32, Ireland. For more information about how ShopifyPayments processes your data, please see ShopifyPayments' privacy policy at: https://www.shopify.com/legal/privacy.

Payment via PayPal

It is possible to process the payment transaction with the payment service provider PayPal. In addition to a direct payment method, PayPal also offers purchase on account, direct debit, credit card and installment payments.

The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg.

If you select PayPal as your payment method, your data required for the payment process will be automatically transmitted to PayPal.

This involves the following data in particular:

• Name
• your address
• email address
• Telephone/mobile phone number
• IP address
• Bank details
• Card number
• Validity date and CVC code
• Number of items
• Item number
• Data on goods and services
• Transaction amount and tax charges
• Information on previous purchasing behavior

The data transmitted to PayPal may be transmitted by PayPal to credit agencies. The purpose of this transmission is to check your identity and creditworthiness.

PayPal may also pass on your data to third parties if this is necessary to fulfill contractual obligations or if the data is to be processed on behalf of PayPal. When transferring your personal data within companies affiliated with PayPal, the Binding Corporate Rules approved by the competent supervisory authorities apply. You can find them here:

https://www.paypal.com/de/webapps/mpp/ua/bcr

Other data transfers may be based on contractual safeguards. For more information, please contact PayPal.

All PayPal transactions are subject to PayPal's privacy policy. You can find this at:

https://www.paypal.com/de/webapps/mpp/ua/privacy-full/.

1. Purpose of the data processing

The transmission of payment data to payment service providers serves to process the payment, e.g. when you purchase a product and/or use a service.

1. Legal basis for data processing

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. b GDPR, as the processing of the data is necessary for the execution of the concluded purchase contract.

1. Duration of storage

All payment data and data on any chargebacks will only be stored for as long as they are required for payment processing and possible processing of chargebacks and debt collection as well as to combat misuse.

Furthermore, payment data may be stored for longer if and for as long as this is necessary to comply with statutory retention periods or to pursue a specific case of misuse.

Your personal data will be deleted upon expiry of the statutory retention periods, i.e. after 10 years at the latest.

1. Exercising your rights

If the data is required to fulfill a contract or to carry out pre-contractual measures, premature deletion of the data is only possible insofar as contractual or legal obligations do not prevent deletion.

Shipping service provider

1. Description and scope of data processing

If you order products or services on our website for which a shipping service provider is used for delivery, you will receive your order and shipping confirmation via your email address and, depending on the respective shipping service provider, notification that your shipment has arrived and/or notification of the package announcement and possible delivery options.

The data is transmitted to the following service providers:

• DHL Paket GmbH, Sträßchensweg 10, 53113 Bonn, Germany

• DPD Deutschland GmbH, Wailandtstraße 1, 63741 Aschaffenburg, Germany

• FedEx Express - European Office, Taurusavenue 111, 2132 LS Hoofddorp, Netherlands

• UPS Europa SA, Ave Ariane 5, Brussels, B-1200, Belgium

The transmitted data is regularly:

• Name
• Your address
• Email address

1. Purpose of the data processing

The purpose of processing the personal data is to give shipping service providers the opportunity to inform recipients about the progress of the shipment by email and thus increase the probability of successful delivery.

1. Legal basis for data processing

The legal basis for the transmission of the e-mail address to the respective shipping service provider and its use is your consent pursuant to Art. 6 para. 1 lit. a GDPR, and the legal basis for the transmission of your address data (first name, surname, address) to the respective shipping service provider is Art. 6 para. 1 sentence 1 lit. b GDPR, as the processing of the data is necessary for the processing of the concluded purchase contract.

1. Duration of storage

The transmitted data will be deleted by the respective shipping service provider once the parcel has been delivered.

1. Possibility of objection

The notification service by the shipping service provider can be terminated by the user concerned at any time. For this purpose, there is a corresponding opt-out link in every email.

Newsletter

1. Description and scope of data processing

It is possible to subscribe to a free newsletter on our website. When you register for the newsletter, the data from the input screen is transmitted to us.

In order to provide this service, we collect the following data from you

• Email address

• Date and time of registration

Your consent is obtained for the processing of the data as part of the registration process and reference is made to this privacy policy.

No data will be passed on to third parties in connection with the data processing for sending newsletters. The data is used exclusively for sending the newsletter.

1. Purpose of data processing

The purpose of collecting the user's email address is to send the newsletter.

The collection of other personal data as part of the registration process serves to prevent misuse of the services or the email address used.

1. Legal basis for data processing

The legal basis for the processing of data after the user has registered for the newsletter is Art. 6 para. 1 sentence 1 lit. a GDPR if the user has given consent.

1. Duration of storage

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. The user's email address is therefore stored for as long as the subscription to the newsletter is active.

The other personal data collected during the registration process is generally deleted after a period of seven days.

1. Possibility of revocation

The subscription to the newsletter can be canceled by the user concerned at any time. For this purpose, there is a corresponding link in every newsletter.

This also makes it possible to withdraw consent to the storage of personal data collected during the registration process.

Email contact

1. Description and scope of data processing

It is possible to contact us via the email address provided on our website. In this case, the user's personal data transmitted with the email will be stored.

The data is used exclusively for processing the conversation.

1. Purpose of data processing

If contact is made by email, this also constitutes the necessary legitimate interest in processing the data.

1. Legal basis for data processing

The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1 lit. f GDPR. Our legitimate interest is to respond optimally to the inquiry you send by email.

If the e-mail contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

1. Duration of storage

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

1. Possibility of objection

If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

All personal data stored in the course of contacting us will be deleted in this case.

Company presences

Instagram:

Instagram, Part of Meta Platforms Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland

On our company page, we provide information and offer Instagram users the opportunity to communicate.

If you perform an action on our Instagram company page (e.g. comments, posts, likes, etc.), you may make personal data (e.g. real name or photo of your user profile) public.

However, as we generally or largely have no influence on the processing of your personal data by Instagram, we cannot make any binding statements about the purpose and scope of the processing of your data.

We use our corporate presence on social networks to communicate and exchange information with (potential) customers. In particular, we use the company presence for

Presentation of products / collections

The publications on the company website may contain the following content

• Information about products

Every user is free to publish personal data through activities.

Insofar as we process your personal data in order to evaluate your online behavior, offer you competitions or carry out lead campaigns, this is done on the basis of your express declaration of consent, Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR.

The legal basis for the processing of personal data for the purpose of communicating with customers and interested parties is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest here is to respond to your inquiry in the best possible way or to be able to provide the requested information.

If the contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

The data generated by the company website is not stored in our own systems.

You can object to the processing of your personal data that we collect as part of your use of our company presence at any time and assert your rights as a data subject as set out in the "Your rights" section of this privacy policy. To do so, send us an informal email to info@pesoclo.com . You can find more information on the processing of your personal data by Instagram and the corresponding objection options here:

Instagram:https://help.instagram.com/519522125107875

YouTube:

YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, United States

On our company page, we provide information and offer YouTube users the opportunity to communicate.

If you perform an action on our YouTube company page (e.g. comments, posts, likes, etc.), you may make personal data (e.g. your real name or photo of your user profile) public.

However, as we generally or largely have no influence on the processing of your personal data by YouTube, we cannot make any binding statements about the purpose and scope of the processing of your data.

We use our company presence in social networks for communication and information exchange with (potential) customers. In particular, we use the company website for:
Presentation of products / collections

The publications on the company website may contain the following content

• Information about products

Every user is free to publish personal data through activities.

Insofar as we process your personal data in order to evaluate your online behavior, offer you competitions or carry out lead campaigns, this is done on the basis of your express declaration of consent, Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR.

The legal basis for the processing of personal data for the purpose of communicating with customers and interested parties is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest here is to respond to your inquiry in the best possible way or to be able to provide the requested information.

If the contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

The data generated by the company website is not stored in our own systems.

You can object to the processing of your personal data that we collect as part of your use of our company presence at any time and assert your rights as a data subject as set out in the "Your rights" section of this privacy policy. To do so, send us an informal email to info@pesoclo.com . You can find more information on the processing of your personal data by YouTube and the corresponding objection options here:

YouTube:https://policies.google.com/privacy?gl=DE&hl=en

Content delivery networks

Shopify

1. Description and scope of data processing

We use functions of the Shopify content delivery network from the provider on our website. A content delivery network (CDN) is a network of regionally distributed servers connected via the Internet, which are used to deliver content - especially large media files such as videos. Shopify offers web optimization and security services that we use to improve the loading times of our website and to protect it from misuse. When you visit our website, a connection is established to Shopify's servers, e.g. to retrieve content. This allows personal data to be stored and analyzed in server log files, in particular the user's activity (in particular which pages have been visited) and device and browser information (in particular the IP address and operating system).

1. Purpose of the data processing

The use of Shopify's functions serves to deliver and accelerate online applications and content.

1. Legal basis for data processing

This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this purpose, the server log files must be recorded.

1. Duration of storage

Your personal information will be stored for as long as is necessary to fulfill the purposes described in this privacy policy or as required by law.

1. Possibility of objection

Information on exercising your rights against Shopify can be found at: https://www.shopify.com/legal/privacy

Integrated services from third-party providers

We use various service providers to deliver the services we offer through the website.

If such services are required for additional services, extended functions or additional purposes, your personal data will only be transferred to service providers if you give your consent.

You can withdraw your consent to the use of integrated third-party services and manage your consent settings at any time here: https://pesoclo.com/#cc-settings

Use of the Google Marketing Platform

1. Scope of the processing of personal data

We use the marketing platform of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google). Google places a cookie on your computer. This allows personal data to be stored and evaluated, in particular the user's activity (in particular which pages have been visited and which elements have been clicked on), device and browser information (in particular the IP address and operating system), data about the advertisements displayed (in particular which advertisements have been displayed and whether the user has clicked on them) and also data from advertising partners (in particular pseudonymized user IDs).
Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server.
We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our level of knowledge. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will find out your IP address and store it.
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

1. Purpose of data processing
   
   The purpose of using the Google Marketing Platform is to display relevant ads to the user, to improve campaign performance reports or to prevent a user from seeing the same ads more than once.
2. Legal basis for the processing of personal data
   
   The legal basis for the processing of users' personal data is generally the consent of the user in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
3. Duration of storage
   
   The Google Marketing Platform stores your data until the stated purpose is fulfilled, whereby the maximum storage period is 18 months.
4. Revocation and removal option
   
   You have the right to revoke your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
   You can prevent the collection and processing of your personal data by Google by preventing the storage of third-party cookies on your computer, by using the "Do Not Track" function of a supporting browser, by deactivating the execution of script code in your browser or by using a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
   You can use the following link to deactivate the use of your personal data by Google:
   https://adssettings.google.de
   FurtherInformation on objection and removal options vis-à-vis Google can be found at
   https://policies.google.com/privacy?gl=DE&hl=de

Use of Facebook Pixel

1. Scope of the processing of personal data

We use the Facebook pixel of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA and its representative in the Union Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal H , D2 Dublin, Ireland (hereinafter referred to as: Facebook) on our online presence. With its help, we can track the actions of users after they have seen or clicked on a Facebook ad. This allows personal data to be stored and evaluated, in particular the user's activity (in particular which pages have been visited and which elements have been clicked on), device and browser information (in particular the IP address and operating system), data about the advertisements displayed (in particular which advertisements have been displayed and whether the user has clicked on them) and also data from advertising partners (in particular pseudonymized user IDs). This allows us to record the effectiveness of Facebook ads for statistical and market research purposes.
Data may be transmitted to Facebook servers in the USA.
The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook. Facebook can link this data to your Facebook account and also use it for its own advertising purposes in accordance with Facebook's data usage policy.
You can find more information on the processing of data by Facebook here:
https://de-de.facebook.com/policy.php

1. Purpose of data processing
   
   The Facebook Pixel is used to analyze and optimize advertising measures.
2. Legal basis for the processing of personal data
   
   The legal basis for the processing of users' personal data is generally the user's consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
3. Duration of storage
   
   Your personal information will be stored for as long as is necessary to fulfill the purposes described in this privacy policy or as required by law, e.g. for tax and accounting purposes.
4. Revocation and removal option
   
   You have the right to revoke your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
   You can prevent the collection and processing of your personal data by Facebook by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or using a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
   Further information on objection and removal options vis-à-vis Facebook can be found at
   https://de-de.facebook.com/policy.php

Use of Google Analytics 4 (GA 4)

1. Scope of the processing of personal data

We use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google).

Among other things, Google Analytics analyzes how website visitors use our website. Google places cookies on your end device. During the visit, user behavior is recorded in the form of "events". This allows personal data to be stored and analyzed, including

• First visit to the website
• Interaction with the website, usage path
• Clicks on external links
• Video usage
• File downloads
• Advertising impressions and clicks
• Scrolling behavior (if to the end of the page)
• Searches on the website
• Language selection
• Page visits
• Location (region)
• Your IP address (in abbreviated form)
• Technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
• Your internet provider
• Referrer URL

We use Google Signals. This allows Google Analytics to collect additional information about users who have activated personalized ads (interests and demographic data) and ads can be delivered to these users in cross-device remarketing campaigns.

IP address anonymization is activated by default in GA 4. This means that your IP address will be truncated by Google within the member states of the European Union or other parties to the Agreement on the European Economic Area. As an exception, only in rare cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google states that the IP address transmitted by your browser will not be merged with other Google data in the context of Google Analytics.

Further information on the processing of data by Google can be found here:https://policies.google.com/privacy

1. Purpose of the data processing

We use GA 4 to evaluate the use of our online presence and to generate reports on the activities on our website. The reports are used to analyze the performance of our website and to target advertising to people who have already shown an initial interest by visiting our website.

1. Legal basis for the processing of personal data

The legal basis for the processing of users' personal data is generally the consent of the user in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR.

1. Duration of storage

Your personal data will be deleted after 2 months. This deletion takes place automatically once a month.

1. Revocation, objection and removal option

You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. You can withdraw your consent via our Cookie Consent Tool.

You can prevent the collection and processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or using a script blocker such as NoScript (https://noscript.net) or Ghostery (https://www.ghostery.com) in your browser.

Further information on objection and removal options vis-à-vis Google can be found athttps://policies.google.com/technologies/partner-sites

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the online presence (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link:https://tools.google.com/dlpage/gaoptout?hl=de

You can use the following link to deactivate the use of your personal data by Google:https://adssettings.google.de

Use of Google Ads Remarketing

1. Scope of the processing of personal data

We use Google Ads Remarketing from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google). Google Remarketing is used to retarget visitors to the online presence for advertising purposes via Google Ads ads. Google Ads Remarketing can be used to create target groups ("similar target groups") that have, for example, accessed certain pages. This makes it possible to identify the user on other online presences and display targeted advertising. Google places a cookie on the user's computer. This allows personal data to be stored and evaluated, in particular the user's activity (in particular which pages have been visited and which elements have been clicked on), device and browser information (in particular the IP address and operating system), data about the advertisements displayed (in particular which advertisements have been displayed and whether the user has clicked on them) and also data from advertising partners (in particular pseudonymized user IDs).
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

1. Purpose of data processing
   
   The purpose of processing personal data is to address a specific target group. The cookies stored on the user's end device recognize them when they visit an online presence and can therefore show them interest-based advertising.
2. Legal basis for the processing of personal data
   
   The legal basis for the processing of users' personal data is generally the user's consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
3. Duration of storage
   
   Your personal information will be stored for as long as is necessary to fulfill the purposes described in this privacy policy or as required by law, e.g. for tax and accounting purposes.
4. Revocation and removal option
   
   You have the right to revoke your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
   You can prevent the collection and processing of your personal data by Google by preventing the storage of third-party cookies on your computer, by using the "Do Not Track" function of a supporting browser, by deactivating the execution of script code in your browser or by using a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
   You can also prevent the collection of data generated by the cookie and related to your use of the online presence (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link:
   https://tools.google.com/dlpage/gaoptout?hl=de
   Withthe following link you can deactivate the use of your personal data by Google:
   https://adssettings.google.de
   FurtherInformation on objection and removal options vis-à-vis Google can be found at
   https://policies.google.com/privacy?gl=DE&hl=de

Use of Google ReCaptcha

1. Scope of the processing of personal data

We use Google ReCaptcha from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland. This tool is designed to check whether a data entry is compliant and has not been made by a bot, and Google ReCaptcha analyzes and authenticates the behavior of an online presence visitor with regard to various characteristics. This allows personal data to be stored and evaluated, in particular the user's activity (especially mouse movements and which elements have been clicked on) and device and browser information (especially time, IP address and operating system).

The data is not associated with data that may be collected or used in connection with the parallel use of authenticated Google services such as Gmail.

Further information on the processing of data by Google can be found here:

https://policies.google.com/privacy?gl=DE&hl=en

1. Purpose of data processing

The use of Google ReCaptcha serves to protect our online presence from misuse.

1. Legal basis for the processing of personal data

The legal basis for the processing of users' personal data is generally the consent of the user in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

1. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g. for tax and accounting purposes.

1. Revocation and removal option

You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

You can prevent the collection and processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or using a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

You can use the following link to deactivate the use of your personal data by Google:

https://adssettings.google.de

Further information on objection and removal options vis-à-vis Google can be found at

https://policies.google.com/privacy?gl=DE&hl=en

Use of Google Web Fonts

1. Scope of the processing of personal data

We use Google Web Fonts from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google). The web fonts are transferred to the cache of the browser when the page is called up in order to be able to use them for the visually improved display of various information. If the browser does not support Google web fonts or prevents access, the text is displayed in a standard font. No cookies are stored on the visitor's computer when the page is accessed. Data that is transmitted in connection with the page view is transferred to resource-specific domains such ashttps://fonts.googleapis.comorhttps://fonts.gstatic.comare sent. This allows personal data to be stored and evaluated, in particular the user's activity, in particular which pages have been visited and which elements have been clicked on, and device and browser information, in particular the IP address and operating system.
The data is not associated with data that may be collected or used in connection with the parallel use of authenticated Google services such as Gmail.
Further information on the processing of data by Google can be found here:
https://policies.google.com/privacy?gl=DE&hl=de

1. Purpose of data processing
   
   The use of Google Web Fonts serves the purpose of an appealing presentation of our texts. If your browser does not support this function, a standard font will be used by your computer for display.
2. Legal basis for the processing of personal data
   
   The legal basis for the processing of users' personal data is generally the user's consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
3. Duration of storage
   
   Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law, e.g. for tax and accounting purposes.
4. Objection and removal option
   
   You can prevent the collection and processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or using a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
   You can use the following link to deactivate the use of your personal data by Google:
   https://adssettings.google.de
   FurtherInformation on objection and removal options vis-à-vis Google can be found at
   https://policies.google.com/privacy?gl=DE&hl=de

Use of Hotjar

1. Scope of the processing of personal data

We use the web analysis service Hotjar from Hotjar Ltd, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta (hereinafter: Hotjar). Hotjar uses, among other things, cookies, i.e. small text files that are stored locally in the cache of your web browser on your end device and that enable your use of our online presence to be analyzed. This allows personal data to be stored and evaluated, in particular the user's activity (in particular which pages have been visited and which elements have been clicked on), device and browser information (in particular the IP address and operating system) and a tracking code (pseudonymized user ID). The information collected in this way is transmitted by Hotjar to a server in Ireland and stored there in anonymized form.
Further information on the processing of data by Hotjar can be found here:
https://www.hotjar.com/legal/policies/privacy

1. Purpose of data processing
   
   The purpose of using the Hotjar plug-in is to better understand the needs of our users and to optimize the offer on this online presence.
2. Legal basis for the processing of personal data
   
   The legal basis for the processing of users' personal data is generally the user's consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
3. Duration of storage
   
   Your personal information will be stored for as long as is necessary to fulfill the purposes described in this privacy policy or as required by law.
4. Revocation and removal option
   
   You have the right to revoke your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
   You can prevent the collection and processing of your personal data by Hotjar by preventing the storage of third-party cookies on your computer, by using the "Do Not Track" function of a supporting browser, by deactivating the execution of script code in your browser or by using a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
   You can use the following link to deactivate the use of your personal data by Hotjar:
   https://www.hotjar.com/legal/compliance/opt-out
   FurtherInformation on objection and removal options vis-à-vis Hotjar can be found at
   https://www.hotjar.com/legal/policies/privacy

Use of the Instagram plugin

1. Scope of the processing of personal data

We use plugins of the Instagram service of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA and its representative in the Union Facebook Ireland Ltd. 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter referred to as: Facebook). The integrated Instagram buttons are used by us to enable a link to our Instagram profile. A widget is also integrated, which enables us to display certain photos and videos from our Instagram profile on our online presence When you visit one of our pages that contains such a plug-in, your browser establishes a direct connection to a Facebook server. The content of the plug-ins is transmitted directly to your browser and integrated into the online presence. Data is automatically transmitted to Instagram and stored on its servers. This transmitted data includes connection data (such as your IP address, date and time, the URL called up) as well as the browser and operating system used.
Your visit to our pages can be tracked by Instagram, even if you do not actively use the plug-in functions. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to our pages with your user account. If you want to prevent this direct assignment, you must log out of Instagram before visiting our online presence.
You can find more information on this in Instagram's privacy policy:
https://help.instagram.com/155833707900388

1. Purpose of data processing
   
   The use of the Instagram plug-in serves to improve the external presentation of our company.
2. Legal basis for the processing of personal data
   
   The legal basis for the processing of users' personal data is generally the user's consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
3. Duration of storage
   
   Your personal information will be stored for as long as is necessary to fulfill the purposes described in this privacy policy or as required by law, e.g. for tax and accounting purposes.
4. Revocation and removal option
   
   You have the right to revoke your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
   You can prevent the collection and processing of your personal data by Instagram by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or using a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
   You can find further information on objection and removal options vis-à-vis Instagram at
   https://help.instagram.com/155833707900388

Use of Google Tag Manager

1. Scope of the processing of personal data

We use Google Tag Manager (https://www.google.com/intl/de/tagmanager/) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and the representative in the Union Google Ireland Ltd, Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to as: Google). Google Tag Manager can be used to manage and bundle tags from Google and third-party services and embed them on an online presence. Tags are small code elements on an online presence that are used, among other things, to measure visitor numbers and behaviour, to record the impact of online advertising and social channels, to use remarketing and targeting and to test and optimize online presences. When a user visits the online presence, the current tag configuration is sent to the user's browser. It contains instructions on which tags should be triggered. Google Tag Manager triggers other tags, which in turn may collect data. Information on this can be found in the sections on the use of the corresponding services in this privacy policy. Google Tag Manager does not access this data.
You can find more information about Google Tag Manager athttps://www.google.com/intl/de/tagmanager/faq.htmland in Google's privacy policy:https://policies.google.com/privacy?hl=de

1. Purpose of data processing
   
   The purpose of processing personal data is to collect and clearly manage and efficiently integrate the services of third-party providers.
2. Legal basis for the processing of personal data
   
   The legal basis for the processing of users' personal data is generally the user's consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
3. Duration of storage
   
   Your personal information will be stored for as long as is necessary to fulfill the purposes described in this privacy policy or as required by law. Advertising data in server logs is anonymized by Google deleting parts of the IP address and cookie information after 9 or 18 months.
4. Revocation and removal option
   
   You have the right to revoke your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
   You can prevent the collection and processing of your personal data by Google by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
   You can also prevent the collection of data generated by the cookie and related to your use of the online presence (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link:
   https://tools.google.com/dlpage/gaoptout?hl=de
   Withthe following link you can deactivate the use of your personal data by Google:
   https://adssettings.google.de
   FurtherInformation on objection and removal options vis-à-vis Google can be found at
   https://policies.google.com/privacy?gl=DE&hl=de

Use of Usercentrics

1. Scope of the processing of personal data

We use the Usercentrics consent management platform from Usercentrics GmbH, Rosental 4, 80331 Munich, Germany (hereinafter referred to as Usercentrics). Usercentrics enables us to obtain and manage users' consent to data processing and to document it in a legally compliant manner. Usercentrics places cookies on the user's device for this purpose. The following data is processed:
-Date and time of the visit
-Device information
-Browser information
-Anonymized IP address
-Opt-in and opt-out data
The data is processed geographically in the European Union.
Further information on the processing of data by Usercentrics can be found here:
https://usercentrics.com/de/datenschutzerklaerung/

1. Purpose of data processing
   
   The processing of personal data serves to comply with the legal obligations of the GDPR and the BDSG.
2. Legal basis for the processing of personal data
   
   The legal basis for the processing of users' personal data is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in the purposes mentioned under 2.
3. Duration of storage
   
   Your personal information will be stored for as long as is necessary to fulfill the purposes described in this privacy policy, the consent to storage has been revoked or as required by law.
4. Objection and removal option
   
   You can prevent the collection and processing of your personal data by Usercentrics by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or using a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
   Further information on objection and removal options vis-à-vis Usercentrics can be found at
   https://usercentrics.com/de/datenschutzerklaerung/

Use of Facebook Retargeting

1. Scope of the processing of personal data

We use functionalities of the Facebook Retargeting advertising plugin from Facebook Ireland Limited, 4 Grand Canal Square, Dublin Dublin 2, Ireland (hereinafter: Facebook Retargeting).
Facebook Retargeting is used to carry out advertising campaigns and to interact with them. Facebook Retargeting reminds users of products that they have searched for or viewed but not purchased. Facebook cookies are stored on your end device.
In particular, the following personal data is processed by Facebook:
-Information about the user's activities
-The website visited
-Which products have been displayed
-Which ads have been clicked
-Device information, in particular device type, IP address
-Facebook account of the users if they are logged into Facebook
Data is stored on servers of Facebook Inc, Facebook, Inc, 1601 Willow Road, Menlo Park, California 94025 in the USA.
Other recipients of the data are providers and service providers of Facebook Inc, e.g. for analysis purposes.
Further information on the processing of data by Facebook can be found here:
https://de-de.facebook.com/privacy/explanation

1. Purpose of data processing
   
   We use Facebook Retargeting to place advertisements on various platforms and to analyze the interaction of users with these advertisements. In this way, we aim to show users personalized advertising that is more relevant to them.
2. Legal basis for the processing of personal data
   
   The legal basis for the processing of users' personal data is generally the user's consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
3. Duration of storage
   
   Your personal information will be stored for as long as is necessary to fulfill the purposes described in this privacy policy or as required by law, e.g. for tax and accounting purposes.
4. Revocation and removal option
   
   You have the right to revoke your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
   You can prevent the collection and processing of your personal data by Facebook by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or using a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.
   The deactivation of personalized advertising for Facebook users is possible for logged-in users here:
   https://www.facebook.com/settings/?tab=ads
   FurtherInformation on objection and removal options vis-à-vis Facebook can be found at
   https://de-de.facebook.com/privacy/explanation

Integration of plugins via external service providers

1. Description and scope of data processing

We integrate certain plugins on our website via external service providers in the form of content delivery networks. When you visit our website, a connection is established to the servers of the providers we use to retrieve content and store it in the cache of the user's browser. As a result, personal data may be stored and analyzed in server log files, especially device and browser information (in particular the IP address and operating system). We use the following services:

• Shopify App Store

1. Purpose of the data processing

The use of the functions of these services serves to deliver and accelerate online applications and content.

1. Legal basis for data processing

This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website.

1. Duration of storage

Your personal information will be stored for as long as necessary to fulfill the purposes described in this privacy policy or as required by law.

1. Possibility of objection

Information on exercising your rights against Yandex CDN can be found at: https://www.shopify.com/legal/privacy

This privacy policy was created with the support of DataGuard created.