Privacy policy
The controller within the meaning of data protection law is:
Super Gem Gauger Fanderl GbR
Katrin Gauger and Johanna Fanderl
Lommelstr. 14
81479 Munich
Thank you for your interest in our online store. The protection of your privacy is very important to us. Below we inform you in detail about how we handle your data.
1. access data and hosting
You can visit our website without providing any personal data. Each time a website is accessed, the web server only automatically saves a so-called server log file, which contains, for example, the name of the requested file, your IP address, the date and time of access, the amount of data transferred and the requesting provider (access data) and documents the access.
This access data is analyzed exclusively for the purpose of ensuring trouble-free operation of the site and improving our offer. In accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, this serves to safeguard our legitimate interests in the correct presentation of our offer, which predominate in the context of a balancing of interests. All access data will be deleted no later than seven days after the end of your visit to our website.
Hosting services by a third-party provider
As part of processing on our behalf, a third-party provider provides us with the services for hosting and displaying the website. This serves to safeguard our legitimate interests in the correct presentation of our website, which outweigh our interests. All data collected as part of the use of this website or in the forms provided for this purpose in the online store as described below are processed on its servers. Processing on other servers only takes place within the scope described here.
This service provider is located within a country of the European Union or the European Economic Area.
2. data collection and use for contract processing and when opening a customer account
We collect personal data if you voluntarily provide it to us as part of your order, when contacting us (e.g. via contact form or e-mail) or when opening a customer account. Mandatory fields are marked as such, as in these cases we need the data to process the contract or to process your contact or open the customer account and you cannot complete the order and/or open the account or send the contact without providing it.
Which data is collected can be seen from the respective input forms. We use the data provided by you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR for contract processing and processing your inquiries. After complete processing of the contract or deletion of your customer account, your data will be restricted for further processing and deleted after expiry of the retention periods under tax and commercial law, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration. Deletion of your customer account is possible at any time and can be done either by sending a message to the contact option described below or via a function provided for this purpose in the customer account.
3. data transfer
In order to fulfill the contract in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR, we pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. Depending on which payment service provider you select in the ordering process, we will pass on the payment data collected for the processing of payments to the credit institution commissioned with the payment and, if applicable, to the payment service provider commissioned by us or to the selected payment service. In some cases, the selected payment service providers also collect this data themselves if you create an account with them. In this case, you must log in to the payment service provider with your access data during the ordering process. In this respect, the privacy policy of the respective payment service provider applies.
4. e-mail newsletter
E-mail advertising with registration for the newsletter
If you subscribe to our newsletter, we will use the data required for this or separately provided by you to regularly send you our email newsletter based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
You can unsubscribe from the newsletter at any time, either by sending a message to the contact option described below or via a link provided for this purpose in the newsletter. After unsubscribing, we will delete your e-mail address unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.
5 Cookies and web analysis
In order to make visiting our website attractive and to enable the use of certain functions, to display suitable products or for market research, we use so-called cookies on various pages. This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in an optimized presentation of our offer in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR. Cookies are small text files that are automatically stored on your end device. Some of the cookies we use are deleted again at the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognize your browser on your next visit (persistent cookies). The duration of storage can be found in the overview in the cookie settings of your web browser. You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general.
Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browsers under the following links:
Internet Explorer™: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies
Safari™: https://support.apple.com/kb/ph21411?locale=de_DE
Chrome™: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647
Firefox™ https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Opera™ : http://help.opera.com/Windows/10.20/de/cookies.html
Deactivate Google Analytics: https://tools.google.com/dlpage/gaoptout
If you do not accept cookies, the functionality of our website may be limited.
Use of Google (Universal) Analytics for web analysis
Insofar as you have given your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, this website uses Google (Universal) Analytics, a web analysis service of Google LLC (www.google.de), for the purpose of website analysis. Google (Universal) Analytics uses methods that enable your use of the website to be analyzed, such as cookies. The automatically collected information about your use of this website is usually transmitted to a Google server in the USA and stored there. By activating IP anonymization on this website, the IP address is shortened before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. The anonymized IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. After the end of the purpose and the end of the use of Google Analytics by us, the data collected in this context will be deleted.
Google LLC is headquartered in the USA and is certified under the EU-US Privacy Shield. A current certificate can be viewed here. Based on this agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.
You can withdraw your consent at any time with effect for the future by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de . This will prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google.
As an alternative to the browser plugin, you can click this link to prevent Google Analytics from collecting data on this website in the future. An opt-out cookie will be stored on your end device. If you delete your cookies, you will be asked to give your consent again.
6. advertising via marketing networks
Google AdWords Remarketing
We use Google AdWords to advertise this website in Google search results and on third-party websites. For this purpose, the so-called remarketing cookie is set by Google when you visit our website, which automatically enables interest-based advertising by means of a pseudonymous cookie ID and on the basis of the pages you visit. This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in the optimal marketing of our website in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. After the end of the purpose and the end of the use of Google AdWords Remarketing by us, the data collected in this context will be deleted.
Any further data processing will only take place if you have consented to Google linking your web and app browsing history to your Google account and using information from your Google account to personalize ads you see on the web. In this case, if you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing. For this purpose, Google temporarily links your personal data with Google Analytics data in order to create target groups.
Google AdWords Remarketing is an offer from Google LLC (www.google.de). Google LLC is headquartered in the USA and is certified under the EU-US Privacy Shield. A current certificate can be viewed here. Based on this agreement between the USA and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.
You can deactivate the remarketing cookie via this link. You can also obtain information from the Digital Advertising Alliance about the setting of cookies and make settings for this.
7. use of social plugins from Facebook, Google, Twitter, Instagram, Pinterest using the Shariff solution.
Social buttons from social networks are used on our website.
This serves to safeguard our legitimate interests, which predominate in the context of a balancing of interests, in the optimal marketing of our offer in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. In order to increase the protection of your data when you visit our website, these buttons are not fully integrated into the page as plugins, but only by using an HTML link. This integration ensures that no connection is established with the servers of the provider of the respective social network when a page of our website containing such buttons is accessed.
If you click on one of the buttons, a new browser window opens and calls up the page of the respective service provider, where you can (if necessary after entering your login data) click on the Like or Share button, for example.
The purpose and scope of the data collection and the further processing and use of the data by the providers on their pages as well as a contact option and your rights and setting options in this regard to protect your privacy can be found in the providers' data protection information. http://www.facebook.com/policy.php
https://twitter.com/privacy
http://www.google.com/intl/de/+/policy/+1button.html
https://help.instagram.com/155833707900388
https://about.pinterest.com/de/privacy-policy
8. contact options and your rights
As a data subject, you have the following rights
in accordance with Art. 15 GDPR, the right to request information about your personal data processed by us to the extent specified therein
in accordance with Art. 16 GDPR, the right to demand the immediate rectification of incorrect or incomplete personal data stored by us
in accordance with Art. 17 GDPR, the right to request the erasure of your personal data stored by us, unless further processing is necessary
- to exercise the right to freedom of expression and information
- for compliance with a legal obligation;
- for reasons of public interest or
- for the establishment, exercise or defense of legal claims
is necessary;
in accordance with Art. 18 GDPR, the right to demand the restriction of the processing of your personal data, insofar as
- the accuracy of the data is disputed by you
- the processing is unlawful, but you oppose the erasure of the data
- we no longer need the data, but you need it for the establishment, exercise or defense of legal claims, or
- you have objected to the processing pursuant to Art. 21 GDPR
in accordance with Art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request transmission to another controller
in accordance with Art. 77 GDPR, the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters.
If you have any questions about the collection, processing or use of your personal data, for information, correction, blocking or deletion of data as well as revocation of consents granted or objection to a specific use of data, please contact us directly via the contact details in our imprint.
********************************************************************
Right to object
If we process personal data as described above in order to protect our legitimate interests, which outweigh your interests, you can object to this processing with effect for the future. If the processing is carried out for direct marketing purposes, you can exercise this right at any time as described above. If the processing is carried out for other purposes, you only have the right to object if there are grounds relating to your particular situation.
After exercising your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defense of legal claims.
This does not apply if the processing is for direct marketing purposes. In this case, we will no longer process your personal data for this purpose.
********************************************************************
Website analysis with Google Analytics
This website uses Google Analytics 4, a web analytics service provided by Google LLC, after the user's consent has been obtained. The responsible bodies are Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, for users from the EU/EEA and Switzerland. Google Analytics 4 uses IP anonymization by default, i.e. your IP address is immediately truncated when you interact with this website. Only in rare cases will your full IP be transmitted to a Google server based in the USA and truncated there. Google asserts that the IP transmitted via Google Analytics is never combined with other Google data. Google Analytics 4 is only activated with your consent via the cookie banner and can be revoked at any time via the cookie settings.
The processed data includes: Usage data such as page views, website interaction, general location and visit duration; and Communication data such as truncated IP addresses, user agent, language settings and screen resolution. The purpose of this data processing is for Google to evaluate the use of your website on your behalf, compile reports on the activities and analyze the performance of the website. This data processing is legal, based on your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR and § 25 para. 1 sentence 1 TDDDG.
Google Ireland Limited, Google LLC and Alphabet Inc are the recipients of this data. Your website usage information is usually sent to a Google server in the USA, an action legitimized by the recent adequacy decision of the European Commission of 10 July 2023, which recognizes the certification of Google LLC under the EU-US Privacy Shield. In terms of data storage, any data associated with cookies is automatically deleted after a certain period of time, monthly for data that has reached its retention period and a maximum of 2 years for Google Analytics cookies.
For more information on the terms of use of Google Analytics and Google's privacy policy, please visit {link}https://policies.google.com/{link-ende} and {link}https://support.google.com/analytics/answer/12017362{link-ende}.
Google Analytics uses “cookies”, which are text files placed on the visitor's computer, to help the website analyze how users use the site. The information generated by the cookie about the use of this website by the site visitor (including the shortened IP address) is usually transmitted to a Google server and stored there.
Google Analytics is used exclusively with the extension “_anonymizeIp()” on this website. This extension ensures anonymization of the IP address by shortening it and excludes the possibility of direct personal references. The extension shortens the IP address of Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by the corresponding browser as part of Google Analytics will not be merged with other Google data.
On behalf of the website operator, Google will use the information collected to evaluate the use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator (Art. 6 para. 1 lit. f GDPR). The legitimate interest in data processing lies in the optimization of this website, the analysis of the use of the website and the adaptation of the content. The interests of users are adequately protected by pseudonymization.
Google LLC. is certified according to the so-called Privacy Shield (list entry here) and guarantees an appropriate level of data protection on this basis. The data sent and linked to cookies, user identifiers (e.g. user ID) or advertising IDs are automatically deleted after 50 months. Data that has reached the end of its retention period is automatically deleted once a month.
The collection by Google Analytics can be prevented by the site visitor adjusting the cookie settings for this website. The collection and storage of the IP address and the data generated by cookies can also be objected to at any time with effect for the future. The corresponding browser plugin can be downloaded and installed at the following link: https://tools.google.com/dlpage/gaoptout.
The website visitor can prevent the collection of data by Google Analytics on this website by clicking on the following link. An opt-out cookie will be set to prevent the future collection of data when visiting this website.
Further information on the use of data by Google, setting and objection options, can be found in Google's privacy policy(https://policies.google.com/privacy) and in the settings for the display of advertisements by Google(https://adssettings.google.com/authenticated).
Spam protection with Google reCAPTCHA
We have implemented Google reCAPTCHA in forms on our website to check whether the data entered in the forms comes from human visitors or from machines or automated programs, also known as “bots”. This tool automatically analyzes the behavior of website visitors as soon as they interact with the website, using various information such as IP address, length of stay and mouse movements. The data processed includes usage data such as the website accessed, the date and time of access and mouse movements, as well as communication data such as IP addresses, browser type and operating system. This processing is aimed at website visitors and users of online services. The main purpose of this processing is to prevent misuse of our contact form and thereby increase security. The legal basis for this is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f. GDPR. The data recipients are Google Ireland Ltd, based at Google Building Gordon House, Barrow St, Dublin 4, Ireland, (https://policies.google.com/privacy) and our website hosting provider. While your personal data is processed within the EU, the retention period for the processed data is determined by Google Ireland Limited. Further information can be found in Google reCAPTCHA's privacy policy: https://policies.google.com/privacy
Website analysis
When you visit our website, we collect information about your usage through a web analytics tool provided by our hosting service. This tool collects and combines your IP address and your user agent, shortens them and stores this data with a hash function. This process creates a visitor identifier that is encrypted with a randomly generated value (SALT) that changes every 24 hours. This method ensures that your IP address cannot be reconstructed from the stored visitor identifier, thus preserving your anonymity. In addition, we do not merge this information with other data and it is only stored on the hosting provider's server.
We also process web analytics data, HTTP data and web analytics profile data. The web analytics tool we use creates and stores a web analytics profile that contains details about your use of the website, such as page views, frequency of visits, time spent on each page and the user agent of your device. This includes usage data (such as web pages visited and access times) and communication data (such as browser type, operating system and IP addresses).
By processing this data, we want to analyze user behavior in summarized form in order to improve the presentation and content of our website. The legal basis for this processing is our legitimate interest (Art. 6 para. 1 lit. (f) GDPR), in particular in carrying out web measurements in order to improve our products and our website.
The data collected is shared with our website hosting provider and processed within the EU.