Privacy policy - LayerByLayer Online-Shop

Data protection

Below we will inform you about the processing of your personal data when using our online offering.

Responsible person

Lars Holfort

Dellestr. 9

40627 Düsseldorf

Telephone: 021163550780

Fax: 021163550789

Email: service@layerbylayer.de

contact person

If you have any questions about data protection, please contact us using the contact details provided above.

Data Protection Officer

Lars Holfort

LayerByLayer Owner Lars Holfort

Dellestr. 9

40627 Düsseldorf

Telephone: 021163550780

Fax: 021163550789

Email: service@layerbylayer.de

Storage period

We generally delete your personal data when it is no longer necessary for the purposes for which it was collected or otherwise processed.

If we have asked for your consent and you have given it, we will delete your personal data if you withdraw your consent and there is no other legal basis for processing.

We will delete your personal data if you object to the processing and there are no overriding legitimate reasons for the processing or you object to the processing for the purposes of direct marketing or related profiling.

If deletion is not possible because processing is still necessary to fulfill a legal obligation (legal retention periods, etc.) to which we are subject, or to assert, exercise or defend legal claims, we will restrict the processing of your personal data.

Further information on the storage period can be found in the following passages.

Your rights

You have the following rights towards us regarding your personal data:

- Right to information

- Right to rectification

- Right to deletion

- Right to restriction of processing

- Right to object to processing

- Right to data portability

You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data based on Article 6 (1) (e) or (f) of the GDPR; This also applies to profiling based on these provisions. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

If we process your personal data for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purposes of such advertising; This also applies to profiling insofar as it is connected to such direct advertising. We will then no longer process your personal data for these purposes.

You have the right to withdraw consent to the processing of your personal data at any time if you have given us such consent. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation.

You have the right to complain to a supervisory authority about our processing of your personal data.

Providing your personal data

In principle, the provision of your personal data is neither legally nor contractually required and is not necessary for the conclusion of a contract. In principle, you are not obliged to provide your personal data. If this should nevertheless be the case, we will inform you separately when we collect your personal data (for example by marking the mandatory fields on input forms).

Failure to provide your personal data regularly means that we do not process your personal data for one of the purposes described below and you cannot take advantage of an offer related to the respective processing (example: you will receive our newsletter without providing your email address not).

Web hosting

We use external services for web hosting. These services may have access to personal data that is processed as part of the use of our online offering.

Web server log files

We process your personal data in order to be able to show you our online offering and to ensure the stability and security of our online offering. Information (e.g. requested element, URL accessed, operating system, date and time of the request, browser type and version used, IP address, protocol used, amount of data transferred, user agent, referrer URL, time zone difference to Greenwich Mean Time (GMT) and /or HTTP statuscode) stored in so-called log files (access log, error log, etc.).

If we have asked you for your consent and you have given it, the legal basis for the processing is Article 6 (1) (a) GDPR. If we have not asked you for your consent, the legal basis for the processing is Article 6 (1) (f) GDPR. Our legitimate interest is the proper display of our online offering and ensuring the stability and security of our online offering.

Security

For security reasons and to protect the transmission of your personal data and other confidential content, we use encryption on our domain. You can recognize this in the browser line by the string “https://” and the lock symbol.

contact

If you contact us, we will process your personal data to process your contact.

If we have asked you for your consent and you have given it, the legal basis for the processing is Article 6 (1) (a) GDPR. If we have not asked you for your consent, the legal basis for the processing is Article 6 (1) (f) GDPR. Our legitimate interest is to process your contact. If the processing is necessary to fulfill a contract with you or to carry out pre-contractual measures based on your request, the legal basis for the processing is Article 6 (1) (b) GDPR.

We use external services to provide and maintain our email inboxes. These services may have access to personal data that is processed when you contact us.

To support the processing of your contact, we use support systems (appointment booking systems, live chats, ticket systems or help desks, etc.) and use external services for this purpose. These services may have access to personal data processed as part of contacting us via a support system. Further information about the services used, the scope of data processing and the technologies and procedures used when using the respective services can be found below in the further information about the services we use and under the links provided there:

Cookies & similar technologies

Cookies are used. Cookies are text information that is stored on your device. A distinction is made between session cookies, which are deleted immediately after you close your browser, and persistent cookies, which are only deleted after a certain period of time.

In addition to cookies, similar technologies (tracking pixels, web beacons, etc.) can also be used. The following comments on cookies also apply to similar technologies. These statements also apply to further processing related to cookies and similar technologies (analysis & marketing, etc.). This applies in particular to any consent you may have given to the use of cookies. This also extends to other technologies and to further processing related to cookies and similar technologies.

Cookies can be used to enable the use of certain functions. Cookies can also be used to measure the reach of our online offering, to design it according to needs and interests and thus to optimize our online offering and our marketing. Cookies can be used by us and by external services.

We use a consent tool to manage the cookies used and the related consents. Details about the cookies used (purpose, storage period, external service if applicable, etc.) and the consent tool can be found in the following passages and the consent tool we use.

If we have asked you for your consent and you have given it, the legal basis for the processing is Article 6 (1) (a) GDPR. If we have not asked you for your consent, the legal basis for the processing is Article 6 (1) (f) GDPR. Our legitimate interest is the management of the cookies used and the related consents. Depending on the purpose of the processing, our legitimate interests can be found in the following passages.

You can prevent the storage of cookies by setting your browser accordingly. Below we provide you with links for typical browsers where you can find further information on managing cookie settings:

- Firefox: https://support.mozilla.org/de/kb/verbesserter-schutz-aktivitatenjagd-desktop

- Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en

- Internet Explorer / Edge: https://support.microsoft.com/de-de/windows/l%C3%B6schen-und-vmanage-cookies-168dab11-0753-043d-7c16-ede5947fc64d

- Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac

- Opera: https://help.opera.com/de/latest/web-preferences/#cookies

- Yandex: https://browser.yandex.com/help/personal-data-protection/cookies.html

Further objection options can be found under the following links: https://www.youronlinechoices.eu/, https://youradchoices.ca/en/tools, https://optout.aboutads.info/?c=2&lang=EN and https: //optout.networkadvertising.org/?c=1.

If you prevent the storage of cookies, this may affect the proper functioning of our online offering. If you delete all cookies, the above settings will also be lost and will have to be made again.

You can also activate the “Do Not Track” function in your browser to signal that you do not want to be tracked. Below we provide you with links for typical browsers where you can find further information about the “Do-Not-Track” setting:

- Firefox: https://support.mozilla.org/de/kb/wie-verhindere-ich-dass-websites-mich-track

- Chrome: https://support.google.com/chrome/answer/2790761?co=GENIE.Platform%3DDesktop&hl=de

- Internet Explorer / Edge: https://support.microsoft.com/de-de/windows/verwenden-von-do-not-track-in-internet-explorer-11-ad61fa73-d533-ce96-3f64-2aa3a332e792

- Opera: https://help.opera.com/de/latest/security-and-privacy/

- Safari no longer supports the “Do Not Track” feature as of February 2019. Cross-website tracking can be prevented in Safari using the following link: https://support.apple.com/de-de/guide/safari/sfri40732/12.0/mac

- Yandex: https://yandex.com/support/browser/personal-data-protection/ytp.html

You can also revoke or manage your consent regarding the cookies used in the consent tool we use.

Newsletter

If we have asked for your consent and you have given it, we will process your email address in order to carry out email marketing and, if necessary, other personal data in order to address you personally. The legal basis for processing is Article 6 Paragraph 1 Letter a GDPR. The content of email marketing will be specifically described when your consent is obtained. Furthermore, email marketing contains information about us, our goods and services.

We use the so-called double opt-in procedure to prevent possible misuse of your personal data. To do this, after collecting your email address, we will send you an email to the email address you provided in which we ask you to confirm that you actually want email marketing. The legal basis for processing is Article 6 Paragraph 1 Letter f of the GDPR. Our legitimate interest is the legally compliant implementation of email marketing.

We log the time at which you gave your consent and the time at which you confirmed it, as well as your IP address and the content of your declaration of consent in order to be able to prove that your consent was obtained in a legally compliant manner. The legal basis for processing is Article 6 Paragraph 1 Letter f of the GDPR. Our legitimate interest is the legally compliant implementation of email marketing.

We use external services for email marketing. Further information on the services used, the scope of data processing and the technologies and procedures used when using the respective services as well as whether profiling takes place when using the respective services and, if applicable, information about the logic involved as well as the scope and intended effects of a Such processing for you can be found in the further information about the services we use at the end of this passage and under the links provided there.

You can revoke your consent at any time. Revoking your consent will not affect the lawfulness of the processing carried out based on your consent before its revocation. To revoke your consent, you can use the link provided in the emails or contact us using the contact details provided above.

If you have withdrawn your consent, we reserve the right to process your personal data in a so-called blacklist/restricted list in order to ensure that no further email marketing is carried out in connection with this personal data in the future. The legal basis for processing is Article 6 Paragraph 1 Letter f of the GDPR. Our legitimate interest is to avoid unwanted email marketing.

We process your personal data as part of tracking or success measurements in order to measure the reach of our email marketing, to design it in a needs-based and interest-based manner and thus to optimize our email marketing. This can also be used for profiling (for purposesadvertising, personalized information, etc.). Profiling can also occur across services and devices. If we have asked you for your consent and you have given it, the legal basis for the processing is Article 6 (1) (a) GDPR. If we have not asked you for your consent, the legal basis for the processing is Article 6 (1) (f) GDPR. Our legitimate interest is to optimize our email marketing. Unfortunately, it is not possible to separately revoke your consent or object to tracking or performance measurements. You must use the above options to withdraw your consent or object to the processing of your personal data for the purpose of email marketing as a whole.

Mailchimp

Provider: The Rocket Science Group, LLC, United States of America. The Rocket Science Group, LLC is a subsidiary of Intuit Inc., United States of America.

Website: https://mailchimp.com/de/?currency=EUR

Further information & data protection: https://www.intuit.com/privacy/statement/

Guarantee: EU standard contractual clauses. You can request a copy of the EU standard contractual clauses from us. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an appropriate level of data protection based on a decision by the European Commission.

Analysis & Marketing

We process your personal data in order to measure the reach of our online offering, to design it in a needs-based and interest-based manner, and thus to optimize our online offering and our marketing.

We use external services for analysis and marketing. This can also involve profiling (for advertising purposes, personalized information, etc.). Profiling can also occur across services and devices. Further information on the services used, the scope of data processing and the technologies and procedures used when using the respective services as well as whether profiling takes place when using the respective services and, if applicable, information about the logic involved as well as the scope and intended effects of a Such processing for you can be found in the further information about the services we use at the end of this passage and under the links provided there.

Further information about cookies & similar technologies can be found above.

Google Analytics

Provider: In the European Economic Area (EEA) and Switzerland, Google services are offered by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, United States of America.

Website: https://marketingplatform.google.com/intl/de/about/analytics/

Further information & data protection: https://support.google.com/analytics/answer/6004245?hl=de and https://policies.google.com/?hl=de

The transfer of personal data to third countries depends on the respective Google service and is subject to the various EU standard contractual clauses, provided these are offered by Google. Further information on this and Google's responsibility can be found at the following link: https://business.safety.google/gdpr/. You can view a copy of the EU standard contractual clauses there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an appropriate level of data protection based on a decision by the European Commission.

LeadRebel

Provider: Pulserio AG, Switzerland.

Website: https://leadrebel.io/de/

Further information & data protection: https://leadrebel.io/de/privacy

Adequate level of data protection when transferring personal data to Switzerland: Adequacy decision of the EU Commission

Mailchimp

Provider: The Rocket Science Group, LLC, United States of America. The Rocket Science Group, LLC is a subsidiary of Intuit Inc., United States of America.

Website: https://mailchimp.com/de/?currency=EUR

Further information & data protection: https://www.intuit.com/privacy/statement/

ouseflow

Provider: Mouseflow ApS, Denmark.

Website: https://mouseflow.com/de/

Further information & data protection: https://mouseflow.com/de/gdpr/ and https://mouseflow.com/legal/visitor/privacy-policy/

Pipedrive

Provider: If you are ordinarily resident in the United Kingdom or Gibraltar, this service is provided by Pipedrive UK Limited, United Kingdom. If you have your habitual residence in the United States of America or Canada, this service is offered by Pipedrive Inc., United States of America. If you have your habitual residence in the European Economic Area, Russia, Switzerland, Turkey, Ukraine or the rest of the world, this service is offered by Pipedrive OÜ, Estonia.

Website: https://www.pipedrive.com/de

Further information & data protection: https://www.pipedrive.com/en/privacy

Review platforms

We use rating platforms and process your personal data to assess our performance and thus optimize our online offering and marketing.

If we or the review platforms we use have asked you for your consent and you have given it, we or the review platforms we use will process your personal data to remind you to submit a review. The legal basis for processing is Article 6 Paragraph 1 Letter a GDPR.

Further information about the evaluation platforms we use, the scope of data processing and the technologies and procedures used when using the respective evaluation platforms can be found in the further information about the evaluation platforms we use at the end of this passage and under the links provided there.

Google customer reviews

Website: https://support.google.com/merchants/answer/7124326?hl=de

Further information & data protection: https://policies.google.com/?hl=de

This data protection declaration was created using the getLaw.de configurator.