Mon-Fri, 9:00 - 17:00

02771 - 80098 - 10

Favorites

No products in the wishlist.

Return To Shop
Cart

No products in the cart.

Return To Shop
Shopping cart (0)
Subtotal: 0,00 

View cartCheckout

Menu Categories
Cart 0,00 
Wishlist
Compare

Data Protection

Data Protection

We are very happy about your interest in our company. Data protection is of utmost importance to the management of SWT GmbH. The usage of our Website with no provided personal information is generally possible. If someone wants to make use of special services through our company on our website, it is possible that we will need your personal information in order to process your request. If it is necessary to obtain your personal information and there is no legal basis for this, we will ask for your permission.

Personalized data, such as name, address, E-Mail address or phone number of a person are being processed according to the data protection regulations and in accordance with the country specific data protection clause for SWT GmbH. Through this privacy statemnt, our company wants to inform the public about what information we use for which purposes and how much we use. Furthermore, this statement will inform the affected people about their rights.

SWT GmbH has taken numerous technical and organizational measures in order to provide you a seamless protection of your personalized data on this website. However, Internet based data transmissions can exhibit security gaps, which prevents us from being able to guarantee you an absolute protection. Therefore it is possible for everyone affected to submit their personal data to us on alternative ways, such as by phone. 

  1. Definitions

The data protection clause of SWT GmbH contains definitions which have been used by the European policy regulators when they issued the data protection policy (DS-GVO). Our data protection clause is meant to be easy to read and to understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the used definitions.

We are using the following definitions in our data protection clause:

  1. a) Personalized data

Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data. A person is considered indentifiable if they can be identified by a name, a code, location data, an online ID or by one or several special characteristics which express the physical, physiological, genetic, psychological, financial, cultural or social identity of this natual person directly or indirectly.

  1. b) Affected person

An affected person is every indentified or indentifieable natural person whose personal data can be processed by the responsible company.

  1. c) Processing

Processing covers a wide range of operations performed on personal data, including by manual or automated means. It includes the collection, recording, organisation,structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination,restriction, erasure or destruction of personal data.

  1. d) Processing restriction

Processing restrictions are the are flagging of saved personalized data in order to restrict them from being processed in the future.

  1. e) Profiling

Profiling is every kind of automated processing of personalized data. The personalized data will be used to evaluate, analyze and predict certain personal aspects that relate to a natural person. Particularly aspects that relate to work performance, financial situation, health, personal preferences, interests, reliability, behaviour, whereabouts or change of location.

  1. f) Pseudonymisation

Pseudonymisation is the processing of personalized data in a way in which additional information is no longer being pulled in so that it is not possible to assign them to a specific affected person as long as these additional pieces of information are stored separately and are subject to technical and organizational measures which ensure that the personalized data of an identified or identifiable natural person can no longer be assigned.

  1. g) Those responsible or those responsible for the processing

Those responsible or those responsible for the processing are a natural or juridical person, authority, institution or other entity which decides over the purposes and means of the personal data alone or together with others. If the purposes and means of personal data processing are specified by the Union law or the law of its member states, they can apply to the responsible entity’s specified criterias of their terms.

  1. h) Processor

A processor is a natural or juridical person, authority, institution or other entity which processes the personalized data on behalf of those responsible.

  1. i) Recipient

The recipient is a natural or juridical person, authority, institution or other entity to which the personal data is being disclosed, irrespectively of whether this is a third party or not. Institutions which receive personalized data due to an assignment received by the EU according tot he Union law or the law of one of ist members, do not count as recipients.  

  1. j) Third Party

Third party are a natural or juridical person, authority, institution or other entity other than the affected person, those responsible, the processor or other persons under the immediate resposiblility of those responsible or the processor, which are authorized to process the personalized data. 

  1. k) Consent

Consent is any freely given, specific, informed and unambiguous indication of the affected persons wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

 

  1. Name and address of those responsible for processing

The following entity is responsible, according to the data protection law and other laws that are in place in the European Union or one of its members that refer to data protection:

SWT GmbH

Dillstrasse 4

35708 Haiger-Sechshelden

Deutschland

Tel.: 02771 – 814 416

E-Mail: info@cooltool-swt.de

 

Website: www.cooltool-swt.de

 

  1. Cookies

SWT GmbHs websites use Cookies. Cookies are small text files that websites place on your device as you are browsing. They are processed and stored by your web browser.

Many websites and servers use cookies. Many Cookies contain a so-called Cookie-ID. A Cookie-ID ist he destinct identification of the Cookie. They consist of a sequence of characters with which the websites and servers can be assigned to the specific browser that saved these cookies. This allows the websites and the servers to distinguish the specific browser from the affected person from other browsers that contain different Cookies. A specific website can be recognized and identified through the destinct Cookie-ID.

 

By using Cookies, SWT GmbH can offer the users userfriendly services, which would not be possible without placing these Cookies.

 

By using Cookies we can optimize the information and offers on our website to the customers favour. Like previously mentioned, Cookies help us identify the users of our website. The purpose of this identification is to make it easier to use our website. For example, the user of a website that uses Cookies does not have to type in their Log-in data again when they return because they were saved onto the Computer by the Cookie. Another example would be a Cookie from an Online-shops shopping cart. The Online-shop remembers the articles that were put into the virtual shopping cart by the user by using a Cookie.

 

The affected person can permamently prevent the placement of a Cookie at any time through the internet browsers settings. Furthermore, Cookies that have already been placed can be deleted by the internet browser or a different software program at any time. This is possible in every common internet browser. If an affected person deactivates the placement of Cookies in their internet browser, it is possible that not every function oft he website will be available to them.

  1. Acquisition of basic data and information

SWT GmbHs website collects a series of basic data and information through an automated system every time the affected person visits our website. These basic data and information are saved in the Servers Logfiles. The following information can be acquired: (1) browser type and version, (2) the operating system, (3) thr website, from which the system accessed our website (referer), (4) the subwebsites which are accessed by the user through our website, (5) the date and time when the website was accessed, (6) the Internet-Protocol-Address (IP-Address), (7) the Internet-Service-provider from the accessing system and (8) other similar data and information that help us prevent any dangers in case of an attack on our IT-System.

 

While using these basic data and informations SWT does not draw any conclusions towards the affected person. These informations are used to (1) deliver the websites contents correctly, (2) to optimize the contents as well as the advertisements on our website, (3) to provide the constant functionality of our IT-System and the technology of our website and (4) to provide law enforcement the necessary information in case of a cyber attack. These anonymously obtained pieces of data and information are statistically evaluated by SWT GmbH and aim to increase the data protection and data security  in our company in order to provide an optimum protection niveau fort he data that is being processed by us.  The anonymous data of server Logfiles are being processed separately from the personalized data that are being saved by the affected person.

  1. Registering on our website

 

The affected person has the possibility to register themselves on the website of those responsible for processing the data by indicating their personal information. Which personalized data will be processed by those responsible yields from the input form that is being used for the registration. The affected persons personalized data will be exclusively processed, saved and used for internal purposes. Those responsible for processing can forward the personalized data to one of more processors, for example a parcel service, for internal use only.

 

 

By registering on the website of those responsible for processing the affected persons internet-service-provider (ISP), the date and the time of registration will be saved. The saving of this data is taking place in the background so the misuse of our services can be prevented and it can possibly help discover criminal offences. The saving of this data is necessary for the responsible entities safety. A transfer of these data to a third party does not occur, unless there is a legal obligation or the transfer serves a criminal investigation.

 

 

 

The voluntary registration of an affected person serves the ability to offer contents and services by the responsible entity, that are naturally only available to the registered user. Registered persons have the opportunity to change the data that they indicated upon registration at any time or can completely delete them from the database of those responsible.

The affected person can request the disclosure of which information has been saved by the responsible entity at any time. Unless there is a legal obligation to retain this information, the affected person can request the correction or the deletion of their personal data from the responsible entity. The entire staff from the responsible entity will be available to you for this.

 

  1. Subscription of our newsletters

On SWT GmbHs website the users have the possiblity to subscribe to the companies newsletter. Which personal information will be transmitted to those responsible by subscribing to the newsletter can be seen on the input form.

SWT GmbH informs their customers and business partners about the companies offers in regular intervals through their newsletter. The newsletter can typically only be received by an affected person if (1) the affected person has a valid E-Mail address and (2) the affected person has registered for the newsletter service. Due to legal reasons, the affected person will receive a confirmation E-Mail on the E-Mail address that they used for registering for the newsletter through the Double-Opt-In procedure.  The confirmation E-Mail ensures that the owner of the E-Mail address has authorized the reception oft he newsletter.

 

Upon registering for the newsletter, the internet-service-provider (ISP) and the supplied IP-address of the affected person as well as the used computer system, date and time will be saved. The saving of this data is necessary to track back the possible misuse oft he affected persons E-Mail address so it serves as a legal security for the responsible entity.

The personalized data that has been collected as part of the newsletter subscription is exclusively used for the distribution of our newsletter. Subscribers of the newsletter can also be informed about technical changes on the newsletter. There will not be a transfer of personalized data that have been obtained by the newsletter service to a third party. The subscription of our newsletter can be cancelled by the affected person at any time. The consent that the affected person gave the newsletter service about saving their personalized data can be revoked at any time. To revoke the consent there is a corresponding link attached to every newsletter. There is also the possibility to unsubscribe from the newsletter service on the website of the responible entity or to inform them directly.

 

  1. Newsletter-tracking

SWT GmbHs newsletter contains so called tracking pixels. A tracking pixel is a miniature graphic that is embedded into an E-Mail that uses HTML-format to enable a log-file recording and a log-file analysis. Through this it is possible to conduct a statistical evaluation oft he success and the failures of an online-marketing campaign. With the embedded tracking pixel SWT GmbH can recognize if or when an affected person has opened an E-Mail and whether they clicked on a link that is in the E-Mail.

 The personalized data that is being obtained by the tracking pixels in the newsletters are saved by those responsible for processing and are evaluated to optimize the newsletter dispatch and to modify it according to the affected persons interests. These personalized data will not be forwarded to a third party. The affected person is entitled to revoke the consent they gave through the Double-Opt-In procedure at any time. After the revocation, those responsible for processing will delete these personalized data. Unsubscribing from the newsletter is automatically considered a revokation to SWT GmbH.

 

  1. Contact possibilities through the website

Due to legal regulations, SWT GmbHs website contains information to enable a fast electronical contact to our company and immediate communication. This also contains a general address for the so called electronical post (E-Mail address). If an affected person contacts the responsible entity through E-Mail or a contact form on the website, the information they provide will be saved automatically. These voluntarily provided to the responsible entity personalized data from an affected person are saved with the purpose of processing them or to contact the affected person. They will not be transferred to a third party.

 

  1. Routine deletion and suspension of personalized data

The responsible entity processes and saves personalized data of the affected person only for the time frame that is needed to reach the purpose it was saved for or if it is stipulated by the european policy and regulation giver or a different law maker or law that the responsible entity has to abide.

If you omit the purpose it was saved for or one of the European poicy and regulations givers or another responsible law givers saving time is up, all personalized data will be routinely deleted or suspended according to the law.

 

  1. Rights of the affected person

  2. a) Right to confirmation

Every affected person has the right to demand a confirmation from those responsible for processing about whether they will process certain personalized data according to the rights that were granted by the European policy and regulation giver. If an affected person wants to make use of their right to demand this confirmation, they can contact an employee of the responsible business at any time.

 

  1. b) Right to disclosure

Every person that is affeced by the processing of personalized data is granted the right by the European policy and regulation giver to receive disclosure about the personalized data that has been saved by those responsible for processing and receive a copy of this disclosure. Furthermore, the European policy and regulations giver grants the affected person the right to the following disclosures:

 

    • the processing purposes
    • the categories of personalized data that is being processed
    • the receipients or categories of recipients to which the personalized data has been disclosed or will be disclosed. Particularly recipients in third countries or organizations.
    • If possible, the planned duration in which the personalized data will be saved. If this is not possible, the criteria fort he determination of this duration.
    • the existance of a right for correction or deletion of the personalized data or the restriction of processing them or a revocation right against this process
    • The existance of a right to complain to the supervisory authority.
    • if the personalized data have not been collected through the affected person: All available information about the origins of the data.
    • The existance of an automated decision making system, including profiling according to article 22, par.1 and 4 DS-GVO and (in most cases at least) significant information about the involved logic, the importance and the intended effect of this process on the affected person.

 

 

 

Furthermore, the affected person has the right to disclosure about whether their personalized data is being transferred to a third country or an organization. If this is the case, the affected person also has the right to receive disclosure about the suitable guarantees that are connected to this transfer. 

If an affected person wants to make use of their right to disclosure, they can contact the employees of the business responsible for processing at any time.

  1. c) Right to correction

Every person that is affected by the processing of their personalized data is granted the right by the European policy and regulations giver to demand the immediate correction of false personalized data. Furthermore the affected person has the right to demand – considering the purposes of the process- completion of incomplete personalized data.

If an affected person wants to make use of their right to correction, they can contact the employees oft he business responsible for processing at any time. 

  1. d) Right to deletion (Right to be forgotten)

Every person that is affected by the processing of their personalized data is granted the right by the European policy and regulations giver to demand the immediate deletion of their personalized data from those responsible for processing if one of the following reasons applies and if the processing of data is not required:

    • the personalized data has been collected for purposes they are no longer needed for.
    • the affected person revokes their consent to the process of their data according to Article 6, par. 1, letter (a) DS-GVO or Article 9, par. 2, letter (a) DS-GVO and there is no other legal base to determine this process.
    • the affected person revokes their consent according to Article 21, par. 1 DS-GVO and there are no justifiable reasons for the process of their data or the affected person revokes their consent fort he process of data according to Article 21, par. 2 DS-GVO.
    • the personalized data have been processed illegally.
    • the deletion of the personalized data is necessary for the responsible entity in order to complete a legal obligation according to the Union law or the law of its members.
    • the personalized data was obtained with regard to offered services by the information society according to Article 8, par. 1 DS-GVO.

In the case that one of the above reasons applies and the affected person wants to arrange the deletion of their personal data that has been saved with SWT GmbH, they can contact an employee at any time. SWT GmbHs employee will initiate the immediate deletion. 

If the personalized data has been published by SWT GmbH and our company is considered responsible for the deletion of said files according to Article 17, par. 1 DS-GVO, then SWT GmbH will take appropiate measures in consideration of the available technologies and implementing costs. We also have to take technical mesures in order to inform others who are responsible for the data processing, who process the publishing of personalized data so that they know that the affected person has demanded the deletion of all links that lead to their personalized data as well as all copies or replications of these data, for as long as the data processing is not neccessary. The employee of SWT GmbH will take the appropiate measures in this individual case.

  1. e) Restriction of processing

Every person that is affected by the processing of their personalized data is granted the right by the European policy and regulations giver to demand the restriction of processing, if the following requirements are met:

    • the accuracy of the personalized data is being disputed by the affected person given a time frame that enables the responsible entity to review the personalized data.
    • the processing is unlawful and the affected person refuses a deletion of their personalized data and instead demands a restriction oft he usage of their data.
    • the responsible entity no longer needs the personalized data but the affected person needs them for further enforcement, execution or defence of a legal claim.
    • the affected person has revoked their consent to the data processing according to Article 21, par. 1 DS-GVO and it is not clear yet, whether the rightful reasons of those responsible outweight those of the affected person. 

If the above mentioned requirements have been met and the affected person wants to demand the restriction of their personalized data that have been saved by SWT GmbH, they can contact an employee from SWT GmbH at any time. The employee will initiate the restrictions oft he processing.

  1. f) Right to data transferablility

Every person that is affected by the processing of their personalized data is granted the right by the European policy and regulations giver to receive their data in a structured, common and machine readable format from those responsible for processing their personalized data. They also have the right to transfer this data to another responsible entity without any hindrance from the responsible processor who provided this data as long as the consent was given according to Article 6, par. 1, letter a DS-GVO or Article 9, par. 2, letter a DS-GVO or through a contract according to Article 6, par. 1, letter a, DS-GVO and the processing is executed through an automated process and as long as the processing is not required for the execution of a task which is of public interest or in execution of the public authority which has been transferred to those responsible. 

Furthermore the affected person has the right to initiate the transfer of their personal data directly from those responsible to another responsible entity while exercising their right to data transferability according to Article 20, par. 1 DS-GVO as long as this is technically possible and as long as no ones rights or liberties are impaired.

To enforce their right to data transferability the affected person can contact an employee from SWT GmbH at any time. 

  1. g) Right to revocation

Every person that is affected by the processing of their personalized data is granted the right by the European policy and regulations giver to revoke their consent to having their personalized data processed due to Article 6, par. 1, letter e or f DS-GVO at any time for reasons that result from their specific situation. This also counts for profiling that is done due to these provisions.

SWT GmbH will no longer process the personalized data in case of a revocation unless we can provide mandatory protective reasons for the processing which outweigh the interests, rights and liberties of the affected person or the processing serves the enforcement or exercise of defense or legal claims.

If SWT GmbH processes the personalized data in order to use it for direct advertising, the affected person has the right to revoke their constent to the processing of their data for the purpose of advertising at any time. This also counts for profiling i fit is in any way connected tot he advertising. If the affected person revokes their consent to processing their personalized data for the purpose of direct advertising, SWT GmbH will no longer process them for this. 

The affected person also has the right to revoke their consent to having their personalized data processed for scientifical or historical purposes by SWT GmbH or for statistical purposes according to Article 89, par. 1 DS-GVO for reasons that result from their specific situation unless the processing is neccessary fort he fullfillment of a task that is of public interest. 

To exercise their right to revocation the affected person can contact one of SWT GmbHs employees directly. The affected person is also free to use an automated process to make use or their right to revocation in connection with the usage of the services oft he IT company, irrespective of guideline 2002/58/EG.

  1. h) Automated decisions in isolated cases, including profiling

Every person that is affected by the processing of their personalized data is granted the right by the European policy and regulations giver to refuse to subject themselves to a decision that was made by a purely automated process – including profiling – which will have legal affects on them or significantly impair them in any other way for as long as the decision is (1) not neccessary for the completion or fullfillment of a contract between the affected person and the responsibly entity or is (2) permitted by the legal regulations of the Union or one of its members which the responsible entity has to submit to  an das long as the regulations contain appropiate measures to preserve the rights and liberties as well as the rightful interests of the affected person or (3) with explicit consent of the affected person. 

If the decision (1) is neccessary for the completion or fullfillment of a contract or (2) occurs along with the explicit consent from the affected person, SWT GmbH will take appropitate measures in order to preserve the rights and liberties as well as the rightful interests of the affected person which includes the right to obtain human intervention on part of those responsible to express their point of view and contest the decision. 

If the affected person wants to make use of their right regarding automated decisions, they can contact an employee from the responsible entity at any time. 

  1. i) Right to revoke data protection consent

Every person that is affected by the processing of their personalized data is granted the right by the European policy and regulations giver to revoke their consent to the processing of personalized data at any time.

If the affected person wants to make use of their right to revoke their consent, they can contact an employee from the responsible entity at any time. 

 

  1. Data protection clause for the use of Google-Analytics (with anonymizing function)

Those responsible for processing have incorperated the Google-Analytics component (with anonymizing function) into this website. Google-Analytics is a web-analyzing-service. A web-analysis is the collection and evaluation of data about the behaviour of the websites users. A web-analysis-service also collects data about from which website the affected person moved to this website (so called referrers) and which sub websites were accessed as well as the time that was spent on them. A web-analysis is mainly used for optimizing the website and to analyse the costs and value of internet marketing.

Operator of the Google-Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Those responsible for processing uses the addition “_gat._anonymizeIp” for their web-analysis through Google-Analytics. With this addition the IP-address of the affected persons internet connection will be shortened and anonymized by google if the affected person has accessed the website from a member of the European Union or another party in agreement with the European economic area. 

The purpose of the Google-Analytics component is the analysis of the visitor flow on our website. Google also uses the gained data and information to analyze our website to create online-reports which show the activities on our website and to show the usage of services that are connected to our website.

Google-Analytics uses cookies on the IT-System of the affected person. What Cookies are has been previously explained. By placing a Cookie, Google will be enabled to analyze the usage of our website. Every time a page from our website is downloaded, the Cookie on the affected persons It-system is being prompted by the Google-Analytics component to automatically transfer data to Google with the purpose of an online-analysis.  In the course of this technical procedure Google receives knowledge about personalized data like the IP-address of the affected person which helps Google track the origin of the websites visitors as well as the clicks and can enable the commission settlement.

By using a Cookie, an affected persons peronal data such as the time of the access, the location from which they accessed the website and the frequency of their visits is saved. Every time they visit our website, their personal data, including the IP-address of the affected persons internet connection, is transferred to Google in the USA. These personal data will be saved by Google in the USA. Google may pass these personal data that were obtained through this technical procedure on to a third party.

The affected person can revoke their consent to the placement of a Cookie through our website at any time by selecting the appropiate settings in their internet browser. Such an internet browser setting would also prevent Google from placing a Cookie on the affected persons IT-system. A Cookie that has been placed by Google-Analytics can also be deleted through the internet browser or another software program at any time.

 

Additionally, the affected person has the possibility to revoke their consent and prevent the collection and processing of their personalized data related to their visit of this website by Google-Analytics. In order to do this, the affected person has to download and install the following Browser-Add-On  Link https://tools.google.com/dlpage/gaoptout . This Browser-Add-On communicates with Google-Analytics through JavaScript and tells it not to transfer any personalized data of the websites visitors to Google-Analytics. Google considers the installation of this Browser-Add-On a revocation. If the affected persons IT-system gets deleted, formatted or newly installed at a later point, they will have to reinstall the Browser-Add-On to deactivate Google-Analytics. If the affected person or another person that is capable deletes the Browser-Add-On or deactivates it, it is possible to resinstall or reactivate it.

You can find further information about Googles data protection policy at: https://www.google.de/intl/de/policies/privacy/ or http://www.google.com/analytics/terms/de.html .

 

A more precise explaination of what Google-Analytics is can be found here: https://www.google.com/intl/de_de/analytics/ .

 

  1. Data protection clause for the use of YouTube

Those responsible for processing have integrated the YouTube component to this website. YouTube is an internet video-portal that makes it possible for video-publishers to upload their video clips for free and enables its users to watch, review and comment on these videos for free. YouTube allows the publishing of all kinds of videos which is why users can watch complete movies or TV-shows, music videos, trailers or self made videos from ist users.

 

Operator of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC. Is an affiliate company of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Every time the affected person clicks on a page on the responsible entities,who implemented a YouTube component (YouTube video), website, the IT-System of the affected person will be automatically prompted by the YouTube component to download the appropiate YouTube component from YouTube to display the video. Further information about YouTube can be found at https://www.youtube.com/yt/about/de/ . In the course of this technical process, YouTube and Google receive information about which sub pages of our internet website have been visited by the affected person.

If the affected person is logged into YouTube at the same time, YouTube recognizes which specific sub page of our website has been visited if a sub page contained a YouTube video. These information are collected by YouTube and Google and will be assigned to the respective YouTube account.

 

YouTube and Google only receive information about which sub pages of our website the affected person has visited through the YouTube component, when the affected person is logged into Youtube at the time oft he visit. This happens whether or not the affected person has clicked on a YouTube video. If such a transfer of information to YouTube and Google is not wanted, the affected person can prevent this by logging out of theur YouTube account.

For further information about YouTubes published data protection policy click here: https://www.google.de/intl/de/policies/privacy/

 

  1. Payment method: Data protection clause for PayPal as a payment method

 

Those responsible for processing have integrated the PayPal component into their website. PayPal is a payment service provider. Payments are processed through so called PayPal accounts, which virtually display private and cooporate bank accounts. PayPal also offers the possibility to virtually process credit card payments when a user does not have a PayPal account. A PayPal account is created by using an E-Mail address which is why there are no classic bank account numbers. PayPal makes it possible to trigger online payments to a third party or to receive payments. PayPal also takes place oft he trustee and offers buyer protection services.

 

 

The European operator for PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxemburg.

 

 

If an affecter person selects „PayPal“ as a payment method in our online-shop, their data will automatically be transferred to PayPal. By selecting this payment method the affected person agrees tot he transfer or personal data that is required for this payment process.

 

 

The data that is typically transferred to PayPal are information like first name, last name, address, E-Mail address, IP-address, phone number, mobile number and other information that are neccessary for the payment process. Personal data that is connected tot he purchase order are also neccessary for processing the purchase agreement.

 

 

The data transfer serves the payment process as well as the prevention of fraud. Those responsible will forward personalized data to PayPal especially if there is a justifiable interest in the transfer. The personal data that is being transferred to PayPal from those responsible might be transferred to a credit information agency by PayPal. This transfer serves the purpose of identification and credit assessment.

 

 

PayPal may also transfer the personal data to connected businesses, service providers or sub businesses if this is required to fullfill the contract or if they were assigned to process the data.

 

 

The affected person has the possibility to revoke their consent towards the handling of their personal data by PayPal at any time. A revocation does not affect the personal data that mandatory (according to contract) in order to process payments or need tob e transferred.

 

 

PayPals current valid data protection policy can be found here: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

 

 

  1. Legal basis for the processing

Art. 6 I lit. a DS-GVO serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the affected is party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service, the processing is based on Article 6 I lit. b DS-GVO. The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our products or services. Is our company subject to a legal obligation by which processing of personal data is required, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c DS-GVO. In rare cases, the processing of personal data may be necessary to protect the vital interests of the affected person or of another natural person. This would be the case, for example, if a visitor were injured in our company and his name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 I lit. d DS-GVO. Finally, processing operations could be based on Article 6 I lit. f DS-GVO. This legal basis is used for processing operations which are not covered by any of the above mentioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the affected person which require protection of personal data. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. He considered that a legitimate interest could be assumed if the affected person is a client of the controller (Recital 47 Sentence 2 DS-GVO).

  1. The legitimate interests pursued by the responsible entity or by a third party

Where the processing of personal data is based on Article 6 I lit. f DS-GVOour legitimate interest is to carry out our business in favor of the well-being of all our employees and the shareholders.

  1. Period for which the personal data will be stored

 

The criteria used to determine the period of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of the contract or the initiation of a contract.

 

  1. Provision of personal data as statutory or contractual requirement; Requirement necessary to enter into a contract; Obligation of the data subject to provide the personal data; possible consequences of failure to provide such data

 

We clarify that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual provisions (e.g. information on the contractual partner). Sometimes it may be necessary to conclude a contract that the affected person provides us with personal data, which must subsequently be processed by us. The affected person is, for example, obliged to provide us with personal data when our company signs a contract with him or her. The non-provision of the personal data would have the consequence that the contract with the affected person could not be concluded. Before personal data is provided by the affected person, the affected person must contact any employee. The employee clarifies to the affected person whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and the consequences of non-provision of the personal data.

 

  1. The existence of automated decision making

As a responsible company, we do not use automatic decision-making or profiling.

 

This Privacy Policy has been generated by the Privacy Policy Generator of the DGD Deutsche Gesellschaft für Datenschutz GmbH, who serves as an external data protection office in Dortmund, that was developed in cooperation with Christian Solmecke from Cologne.

Categories
Categories
Find us
Blog
FAQ
Mon-Fri, 9:00 - 17:00

02771 - 80098 - 10

Telephone support and consultation

Copyright © 2024 SWT GmbH 

We accept